While there are several types of individual Penetration Tests and methodologies that collectively make up a “Risk Based” penetration test, the scope of the project and the amount of prior knowledge the ethical hacker has about the target ultimately determine the type of testing performed. A Penetration Test typically includes one or more of the following tests from both inside and outside the organization’s network:
- Wireless testing
- Network service testing
- Client-side testing
- Web application testing
- Remote dial-up (war dial) testing
- Social engineering
In the case where the type of Penetration Test needed for your organization is mandated by your compliance effort, it is important to understand that compliance does not guarantee a secure environment. A “Risk Based” penetration test involves the performance of each item listed above and, combined with education, ultimately leads to the highest level of organizational security.
There are many driving factors for an organization to conduct a Penetration Test, but the most common reason involves compliance with an IT Governance standard such as the Payment Card Industry Data Security Standard (PCI DSS). While compliance is important, other reasons to conduct a penetration test include the protection of intellectual property, avoiding network downtime, and preservation of corporate image and customer loyalty.
Penetration tests are typically performed using manual and automated technologies. Vulnerability scanners are useful in that they allow the ethical hacker to cover a lot of ground very quickly, and automated scanners are also very useful for reconnaissance. However, a true penetration test does not rely exclusively on vulnerability scanner results, and it tells an organization not only what is vulnerable but what can be compromised. Additionally, the penetration test report should not contain false positives, as reported issues are confirmed through exploit validation. In some cases, the penetration test report may contain theoretical findings that were not exploited. A theoretical finding is supported by a noted reference and is not a false positive. For example, it may be possible to crack the encryption of a weak cipher, but doing so may take more time than the testing window will allow, and therefore there is no need to prove that point. Such a finding is theoretical but valid.
When looking to outsource a Penetration Test, hiring the right talent is important and not all penetration testing companies are the same. It’s important that you hire an experienced team that not only employs a proven testing methodology but is capable of mimicking real world threats. At 1st Secure IT our philosophy is “When Compliance is not enough” and we believe that, in addition to our skill set, partnering with and providing education to our customers are two of the most important things we can do to foster a secure environment. If you want the job done right then look no further.
If you are interested in scheduling a Penetration Test or would like additional information please “Contact Us”.