Test and Verification -> Dynamic depth for infrastructure: Test for exposed services

Risk: Standard network segmentation and firewalling has not been performed, leading to world open cluster management ports.

Opportunity: With the help of tools the network configuration of unintenonal exposed cluster(s) are tested. To identify clusters, all subdomains might need to be identified with a tool like OWASP Amass to perform portscans based o the result.

Usefullness: Medium

Required knowledge: Very Low (one discipline)

Required time: Very Low

Required resources (systems): Very Low

Implementation hints:

• nmap
• OWASP Amass

OWASP SAMM 1 Mapping: EH2-B

OWASP SAMM 2 Mapping: v-security-testing|A|1