top of page

Hands-On Security Assessment

Assess your infrastructure security and map out your risks with OWNSEC. Major efforts have been invested into our Security Assessment methodological backbone, so you can enjoy comprehensive and in-depth results, without wasting your time and resources on lengthy questioning sessions (0-overhead policy). Security Implementation Plans are Included free of charge.

What's This?

Security Assessment is a tool used for securing information systems, by reviewing and analyzing attack vectors, which stem from:

  • The system's overall technical specification (its architecture)

  • The way in which Business Logic is implemented within the system's components.

In comparison with other services, Security Assessment is the best way of ensuring the quality of the end result.

By nature, Security Assessments are more radical and comprehensive than their other counterparts in the market (such as Penetration Testing) and they are considered a "white-box" test.

The "white-box" term in this situation means that the assessor has full access to:

  • The system components on a technical level.

  • Design and architecture documentation.

  • Other business-related factors such as development methodologies and personnel, regulation/standards relevant to the organization or assessed system.

All of these highly contribute to the completeness of the end result.


Out in the wild, approaches to "conducting a Security Assessment" may differ immensely from one another, and hence, their requirements and expected output as well. That being said, there is, in fact, a common "backbone" to all current methodologies:

  • Information Gathering: along with peripheral information regarding the assessed system and its owners, business logic and technical specification is gathered and mapped to lay the basis for the assessment

  • Analysis: the gathered information about the system and its components are matched with correlated Security Best Practices, if the information doesn't represent the desired state, it registers as a "Security Finding".

  • Report: once a sufficient amount of findings is achieved, findings are then analyzed, crossed, and calculated into reportable security risks. These risks are reported back to the client as a map of all known risks - with or without further mitigation steps.

Security Assessment can only be as good as the quality of the information gathered from the target system - more relevant information leads to better analysis and hence to a better assessment overall, but it could also mean "more overhead", here are the most common approaches of gathering information during assessments:

  • Questioning: an "old school" approach, commonly used in regulation and standards consulting. May not be sufficient across multiple technologies, which usually causes significant overheads.

  • Automatic Scans/Scripts: an approach that involves automation in order to gather large amounts of information. It is also well-known to generate large amounts of false-positives and false-negatives while bringing no insight into the process. Relying on automatic scans without analyzing/crossing results in the relevant context is considered anti-pattern, and is not a Security Assessment by definition.

  • Hands-On: most practical and effective approach - by directly probing and gathering information from within the target system we can ensure a direct, clean assessment - maximizing the quality of gathered information and minimizing wasted time/resources. This approach can be aided with automatic scans.


Considering these approaches and their outcomes, we rely upon both "Hands-On" and (when necessary) "Automatic Scans", in order to achieve our main goal - "best quality with zero-overhead".

What You're Getting?


Most commonly, once a Security Assessment is complete and a satisfying amount of findings is achieved, a report that contains a map of all known risks is generated and provided back to the customer.


If you choose OwnSec, you are assured to:

  • Comprehensive, down-to-the-point report that maps out all known risks to your system.

  • Gap Analysis for regulations and standards.

  • Technically detailed Implementation Plan provided with the assessment's final report - free of charge.

  • Extra hours for implementation aid consultancy/pair-programming - free of charge.


How It's Done?


Poorly practiced Security Assessments may present either additional workloads to the assessed business or provide insufficient insight regarding the target system security. Our methodology was devised to achieve “0-overhead” while maximizing the quality of your report and overall process, the steps included in OwnSec Security Assessments:

  1. Assessment Definition: The initial step of the assessment consists of 2 parts that are essential to everything that comes next:

    1. The Assessment Scope: The desired section of the target system and the technological scale (code-level, application/service-level, OS-level, infrastructure) of the section selected for the assessment.

    2. The Assessment Depth: A ranking method used to globally control the desired security-level of the target system, by assigning the percentage of security practices to be engaged by the assessor, out of the total practices available to the target system in each level of practice importance (Critical to Info). And Since findings extracted in a single assessment could sometimes score in hundreds of findings, we consider the average "sufficient security-level" to be [1C, 1H, 0.8M, 0.5L, 0.2I] to meet the security needs of most systems. Do note: [(C)ritical, (H)igh, (M)edium, (L)ow, (I)nfo]

  2. Hands-on Information Gathering and Asset Identification: System map-out of the target system for its technical components and business assets.

  3. Ranking Focus: In this step, the gathered information will be used to highlight areas in the system that may be of greater importance to the whole assessment - these areas in the system will be ranked by our Focus Index (which is scored in percentage) and will provide Security Focal Points for the assessment. By doing so, we can assure the assessment’s precision and make a way to identify critical findings.

  4. Applying InfoSec Best Practices: our Security Best Practices pool consists of both technology-specific and “per-standard” practices, along with practices derived from previous assessments and research insights. Relevant practices in this step are matched with each Focal Point found in the previous “Ranking Focus” step.

  5. Extracting and Analyzing Findings: After having the Security Best Practices matched with their relevant Focal Points, extracting findings is a rather straightforward step (as a result of the clear evidence-foundation built in previous steps). Findings found in this step ranked for their risk (using the well-known “Impact vs. Likelihood” chart). As part of the analysis, findings that happen to cross/affect each other’s will be calculated under a single attack vector.

  6. Report Delivery and Implementation Plan: Once all findings are extracted, analyzed, and calculated with their correlative risk, a findings report is provided back to the customer along with a Security Implementation Plan designed to aid in implementing any security requirement that has been created as a result of the previous step.

bottom of page