What is penetration testing?
Penetration testing is a systematic process that can probe your security defenses for weak points in much the same way as a criminal would. Essentially, it can be considered a controlled form of hacking, where the tester simulates a real attack, but without the risk of doing any damage.
This can be done through the use of automated tools, which can scan a business' system looking for vulnerabilities. However, the most effective types of penetration testing are those done manually by an experienced tester, as these can directly mimic the techniques used by actual criminals to see how effectively defenses stand up in the real world.
What do these processes involve?
There are a few types of penetration testing that are intended to look at different areas of a business' systems. For instance, external testing is designed to focus on parts of the network that are visible to outsiders, such as the firewalls, web and email servers, and DNS systems. This helps businesses understand how far an attacker may be able to penetrate a network, as well as where they can go once inside.
By contrast, internal testing focuses on testing the threats posed by malicious insiders, and takes places entirely within the firewall. This is particularly useful for determining how safe systems are from issues such as disgruntled employees.
Broadly, penetration testing also falls into two categories - 'black box' and 'white box'. The former is most akin to what a real-world attack would look like, as the hacker is given no information on the company's systems beforehand - they may have nothing except the company's name. Therefore, they must uncover any vulnerabilities by themselves, just like an actual criminal.
White box, on the other hand, sees the tester provided with any relevant information such as the source code. This allows the tester to easily find vulnerabilities without having to hunt for the information. Therefore, it's less like a real hack than a black box test - but it is much less costly and faster, and has its own set of advantages.
What should a good penetration test tell you?
One of the key advantages of a penetration test is that it can uncover vulnerabilities that a business may have been completely unaware of beforehand. Whether it is because they are too close to the system, or they simply do not know how a real hacker would operate, it may often be the case that internal testing fails to spot gaps that can be spotted by a specialist penetration tester.
It can also alert businesses to the true state of their defenses, in particular when it comes to seemingly minor flaws that may not have attracted attention previously. It is often the case that apparently benign issues could be the crack that allows hackers access to a systems, and it is only by conducting operations such as penetration testing that this will become clear.
If your business is concerned about security issues - particularly hacks aimed at businesses with similar profiles to your own - or if you're exposed to risk factors such as a large number of outsourced services or recent major changes to your infrastructure, penetration testing should be a key part of your cybersecurity strategy. Undergoing such a test may well be the health check your company needs to close a gap before it becomes an issue. After all, prevention is better than cure, and this activity is one of the best things you can do to prevent breaches of your network.
- The 3rd Annual Global Password Security Report
- Finding an Access Solution for Your Business
- Identity 101 for SMBs
Join the conversation...