The evolving tools, tactics and procedures used by cybercriminals to breach network defences mean that the need to regularly assess your organisation’s cyber security defences cannot be overstated.
Penetration testing is a dedicated service designed to identify and safely exploit real-world weaknesses affecting systems, networks and devices. By providing an increased understanding of security weaknesses, penetration testing enables resources to be allocated more efficiently to protect areas most at risk. Its importance is highlighted by a growing need to undertake regular security assessments in order to achieve compliance with regulations such as PCI-DSS.
The difference between a penetration test and a vulnerability scan
Before commissioning the services of a managed security provider like Redscan to examine your organisation’s defences, it’s a good idea to think about the type of test you would like performed.
Penetration tests are routinely confused with vulnerability assessments – the two terms are often used interchangeably. The two services are actually very different, however, and knowing the difference before engaging with providers can help you to avoid getting caught out.
A penetration test utilises a combination of machine and human-led intelligence to identify and, crucially, exploit wide-ranging gaps in defences. A vulnerability scan, on the other hand, is a more restricted test performed using off-the-shelf scanning tools to search for known vulnerabilities, such as out-of-date software and incorrect registry entries.
While good for identifying common risks, a vulnerability scan is generally no substitute for a more comprehensive penetration test performed by a skilled ethical hacker capable of thinking outside the box.
If your organisation is at an early stage of cyber security maturity then a vulnerability assessment, followed by an in-depth penetration test, could be the most efficient route to effective risk mitigation.
How to scope a penetration test
Prior to a penetration test being agreed, it’s important to think about scope. This will largely depend upon what you’re hoping to achieve. Do you want to comprehensively test your organisation’s complete attack surface or, in order to reduce the length of an engagement, restrict an assessment to a particular aspect of your security?
Deciding whether the test should include internal and external assets is a good starting point. External penetration tests encompass testing of a company’s externally visible servers or devices, such as email servers, web servers and firewalls. An internal test is conducted behind a firewall and is useful for gauging how much damage could be inflicted by an insider attack, such as one instigated by a disgruntled employee.
Another key point for consideration is deciding how much information you wish to share with the organisation undertaking the penetration test. If the goal is to compromise a particular asset, then sharing system information such as network diagrams and software source code can help to maximise testing time and extend the range of the test. This approach is known as white box penetration testing.
To gauge how a malicious attacker might attempt to compromise your network without prior knowledge of infrastructure and assets, a black box penetration test is recommended.
What to look for when choosing a penetration test provider
When selecting a company to perform a penetration test, it pays to choose an organisation that provides the expertise to not only identify vulnerabilities but address them too.
As a provider of CREST accredited penetration testing services, Redscan can be trusted to deliver the deep, broad and balanced programmes needed to thoroughly test and help address vulnerabilities across network infrastructure, software applications, websites, mobile applications and more.
From scoping the requirements of an assessment through to providing strategic and tactical advice, Redscan’s CREST, OSCE, OSCP and OSWP certified ethical hackers provide the in-depth support your organisation needs to obtain the most benefit from improvements to your organisation’s cyber security.