A penetration test is performed to detect existing vulnerabilities in the IT infrastructure elements, followed by a practical demonstration of vulnerability exploitation (on the most significant ones) and the formulation of recommendations to eradicate the found flaws. Such testing can be automated through a web application penetration testing service or performed manually by a QA engineer. Let’s talk about it.
Why do we need penetration testing?
Customers requesting security testing are increasingly expressing two objectives: identifying the greatest number of true vulnerabilities in order to address them as soon as possible and measuring the attentiveness of the corporate staff.
To achieve your goals, you can’t do full-fledged testing and crypto audit using the traditional testing approach. A pure penetration test will not cover all vulnerabilities; just scanning for vulnerabilities will result in a large number of “junk” reports, and flaws in configuration settings uncovered through configuration analysis will not always result in a true penetration potential. It is necessary to combine different approaches.
Penetration testing allows you to test web servers, DNS servers, router settings, workstation vulnerabilities, and anything else a real attacker could use to gain unauthorized access to the protected information assets of the organization.
Depending on the set objectives and tasks, the test of penetration into the information system according to OSSTMM can be performed in 6 forms:
- Double Blind;
- Gray Box;
- Double Gray;
We distinguish these six types of testing depending on the amount of information available to the customer company and the test performer about their “adversary” and their further actions.
Double Blind testing is as close to real hacker attacks as possible (both sides have minimal or no information about the adversary and his actions). Data about the tested object will be collected using publicly available sources. This type of testing is the most costly and best demonstrates the real state of the enterprise security system.
The other types of testing are analogous to attacks on an enterprise’s information infrastructure: an attempt of industrial espionage, an insider attack, an attack by a fired employee, an attack using an unintentional information leak.