Penetration testing (pen test) is the practice of testing a computer system, network or Web application to find vulnerabilities that an attacker could exploit.
Pen tests can be automated with software tools or performed manually; in practice most engagements combine both. Either way, the process includes gathering information about the target before the test (reconnaissance), identifying possible entry points, attempting to exploit them (either simulated or for real, within the agreed scope) and reporting the findings back to the organisation.
The main objective of penetration testing is to determine security weaknesses. A pen test can also be used to test an organization's security policy compliance, its employees' security awareness and the organization's ability to identify and respond to security incidents.
Penetration tests are sometimes called white hat attacks because in a pen test, the good guys are attempting to break in.
Benefits of Penetration Testing
Penetration testing an organisation's environment has many benefits:
- Gives an organisation the ability to manage its vulnerabilities rather than discover them during an incident
- Shows where a vulnerability could cause serious downtime for the organisation
- Helps demonstrate compliance with regulatory requirements
- Bolsters the organisation's image and can improve customer loyalty
Why perform Penetration Testing
A cyber event is costly
A cyber event can impact an organisation in many ways and can interrupt its normal day-to-day running. It can compromise data, financial information, trade secrets and PII, and can trigger costly remediation, regulatory fines and legal liability.
Finds areas you may not have thought about.
Penetration testing is designed to exercise all of the defences in a way that exposes the parts of the infrastructure that have a problem. It uses the same tactics and techniques that attackers use to gain access, so if a pen test can get in, criminals can get in as well.
Identifies vulnerabilities and prioritises risk
Testing networks, computers, routers and servers for vulnerabilities helps ensure that risks to the organisation are discovered and mitigated, and that remediation effort goes to the most serious findings first. No single test finds everything, which is why testing needs to be repeated.
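The process described in the introduction (reconnaissance, identifying entry points, reporting) and the prioritisation point above can be illustrated with a small script. The following is an added example, not code from the original page: it parses a port-scan result, keeps only open ports as candidate entry points, scores each exposure with an illustrative risk table and emits a ranked findings report. The scan output is constructed by hand in the XML shape that nmap's -oX option produces, and the SERVICE_RISK weights are an assumption for demonstration rather than an authoritative rating.

```python
"""Recon-to-report pipeline: parse a port scan, flag likely entry points,
and rank them so the highest-risk exposures are reported first.

Added example; not code from the original page. The scan output below is
constructed by hand in nmap's XML output format, and SERVICE_RISK is an
illustrative assumption, not a standard severity scale.
"""
import xml.etree.ElementTree as ET

# Constructed sample scan of two hosts, shaped like nmap -oX output.
SAMPLE_SCAN_XML = """<?xml version="1.0"?>
<nmaprun>
  <host>
    <address addr="10.0.0.5" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="22"><state state="open"/><service name="ssh" product="OpenSSH" version="8.9"/></port>
      <port protocol="tcp" portid="23"><state state="open"/><service name="telnet"/></port>
      <port protocol="tcp" portid="443"><state state="open"/><service name="https"/></port>
      <port protocol="tcp" portid="3389"><state state="closed"/><service name="ms-wbt-server"/></port>
    </ports>
  </host>
  <host>
    <address addr="10.0.0.9" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="445"><state state="open"/><service name="microsoft-ds"/></port>
      <port protocol="tcp" portid="80"><state state="open"/><service name="http" product="Apache httpd" version="2.4.41"/></port>
    </ports>
  </host>
</nmaprun>
"""

# Assumed risk weights for exposed services (illustrative only).
SERVICE_RISK = {
    "telnet": 9,         # cleartext credentials on the wire
    "ftp": 8,
    "microsoft-ds": 8,   # SMB reachable from the scanning position
    "ms-wbt-server": 7,  # RDP reachable from the scanning position
    "http": 5,
    "ssh": 3,
    "https": 2,
}
DEFAULT_RISK = 4  # unknown service: medium until a tester looks at it


def parse_scan(xml_text):
    """Return one dict per OPEN port: host, port, protocol, service, banner."""
    root = ET.fromstring(xml_text)
    findings = []
    for host in root.findall("host"):
        addr = host.find("address").get("addr")
        for port in host.findall("./ports/port"):
            if port.find("state").get("state") != "open":
                continue  # closed/filtered ports are not entry points
            svc = port.find("service")
            name = svc.get("name") if svc is not None else "unknown"
            banner = ""
            if svc is not None:
                banner = " ".join(filter(None, [svc.get("product"), svc.get("version")]))
            findings.append({
                "host": addr,
                "port": int(port.get("portid")),
                "protocol": port.get("protocol"),
                "service": name,
                "banner": banner,
            })
    return findings


def score(finding):
    """Risk score for one exposure. A version banner adds 1 because a known
    version lets an attacker look up public exploits directly."""
    base = SERVICE_RISK.get(finding["service"], DEFAULT_RISK)
    return base + (1 if finding["banner"] else 0)


def build_report(xml_text):
    """All open-port findings, highest risk first, each annotated with its score."""
    ranked = sorted(parse_scan(xml_text), key=score, reverse=True)
    for f in ranked:
        f["risk"] = score(f)
    return ranked


def format_report(ranked):
    """Plain-text table suitable for pasting into a findings document."""
    lines = ["RISK  HOST        PORT/PROTO  SERVICE        BANNER"]
    for f in ranked:
        lines.append(f"{f['risk']:>4}  {f['host']:<10}  {f['port']:>4}/{f['protocol']:<5}  "
                     f"{f['service']:<13}  {f['banner']}")
    return "\n".join(lines)


if __name__ == "__main__":
    print(format_report(build_report(SAMPLE_SCAN_XML)))
```

The ordering is the point: a real report leads with the telnet and SMB exposures, not with the HTTPS listener, so remediation effort follows risk. A real engagement would replace the static risk table with tester judgement and version-specific research; the script only automates the bookkeeping.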
How often should an organisation run a Penetration Test?
Penetration testing and / or vulnerability scanning should be performed on a regular schedule, not only as a one-off exercise. In addition to the scheduled runs, internal and external vulnerability scanning in conjunction with penetration testing should be completed when the following occur in your organisation:
- When new infrastructure or applications are added to the environment
- When significant upgrades are introduced
- When moving office or adding new environments
- After updating applications and operating systems