Penetration testing takes the vulnerability assessment to the next level. Once a scan has been performed to identify potential vulnerabilities, these are then exploited by one of our consultants to try and gain access to the system or systems in question. The testing then goes further to include (should you so wish) social engineering attacks (still one of the most successful forms of attack). Again, once complete, a full report is produced which outlines the results of the various tests and also suggested fixes. A presentation can also be prepared and given to executive or technical audiences
Several factors have converged in the marketplace to make penetration testing a necessity. The evolution of information technology has focused on ease of use at the operational end, while exponentially increasing the complexity of the computer. Unfortunately, the administration and management requirements of these systems have increased because:
- The skill level required to execute a hacker exploit has steadily decreased.
- The size and complexity of the network environment has mushroomed.
- The number of network and Web-based applications has increased.
- The detrimental impact of a security breach on corporate assets and goodwill is greater than ever.
- Penetration testing is most commonly carried out within a “black-box” approach; that is, with no prior knowledge of the infrastructure to be tested.
At it simplest level, the penetration test process involves three phases:
- Preparation phase – A formal contract is executed containing non-disclosure of the client’s data and legal protection for the tester. At a minimum, it also lists the IP addresses to be tested and time to test.
- Execution phase – In this phase the penetration test is executed, with the tester looking for potential vulnerabilities.
- Delivery phase – The results of the evaluation are communicated to the pre-defined organizational contact, and corrective action is advised.
There are two types of penetration:
- Internal: This testing is often performed from different network access points that include both the physical and logical segments; this provides a more detailed view of the security.
- External: This testing has its focus on the infrastructure components, servers, and the related software of the target. It also provides a detailed analysis of the information that is available from public sources, such as the Internet.