Big Data (Hadoop) Penetration Testing
We at Attify love to break new technologies through the security gaps, and make enterprises more secure by enabling them to fix the vulnerabilities in no time.
If you are a startup or a Fortune 500 enterprise, chances are you rely on Hadoop for its Big Data requirements. In the case if extremely strict security processes are not followed and if developers are not aware of the security vulnerabilities, chances are you might be a highly insecure Big Data instance - waiting for it to be compromised by an attacker.
During our previous engagements, we have identified most of the Big Data Hadoop instances to be highly insecure and vulnerable to easy-to-execute security attacks. This made us to launch Hadoop and Big Data Penetration Testing as one of our offerings.
A typical Big Data Penetration Test (Attacker Simulated Exploitation) would involve the following components:
- Threat modeling
- Identifying Authentication and Authorization related vulnerabilities, including both Client and Cluster analysis
- Attacking Data in Rest and Data in Transmit
- Misconfiguration based vulnerabilities exploitation
- Patch management process security assessment
- Error handling and sensitive data leakage based security issues
- Insecure Direct Object References, Cross Site Scripting, exposed interfaces and common web based security vulnerabilities
- Attacking components such as Yarn resource manager and job tracker
- Attacking management interfaces such as Ambari, Cloudera manager, Ranger etc.
- Exploiting developer interfaces such as Hue and Ambari views
- Identifying Vulnerabilities in 3rd party packages
- Attacking administrative interfaces
- Assessing monitoring and backup processes
- Person Identifiable Information (PII) leakage identification
- Working with developers to recommend best mitigations
WANT TO START A mobile ATTACKER SIMULATED EXPLOITATION FOR YOUR application?
- Due to the huge number of requests we receive, we only work with clients whom we believe we can genuinely help.
- One of our technical team members would reach out to you within 48 hours in order to understand the scope and discuss the requirements.
- We will notify you of any critical finding as soon as it is discovered
- We share a DSR (Daily Status Report) with you to have an idea of what module we're testing currently
- Once the testing is complete, we share a highly detailed report mentioning the vulnerabilities and the best available mitigations specific to your scenario.
- We interact with you (conference room, phone call, webex) for a brief discussion of the overall engagement, including having additional discussions with your developers, if needed.
- Once your developers have fixed all the vulnerabilities, a re-assessment is conducted to ensure that all the vulnerabilities have been securely patched.
- Continuous testing at frequent intervals depending on your requirements.