A penetration test is a detailed review of an organization’s overall defense effectiveness by simulating a hacker targeting an organization’s network and data assets. Testing is performed manually, includes active exploitation, is multi-vectored, and frequently reveals findings that a standard vulnerability assessment misses. In addition, a penetration test has a goal or “trophy” in mind, such as gaining access to confidential client information, intellectual property, administrator access, etc. Penetration testing is best used to test the effectiveness and resiliency of a matured security defense where a vulnerability management process already exists.
A penetration test typically involves performing information reconnaissance about a target organization, network mapping, system fingerprinting and enumeration, identifying vulnerabilities, exploitation, gaining and maintaining privileged access, evidence gathering, cleaning up, and reporting. The penetration test can be conducted externally from the Internet, acting as an outsider, and/or internally from inside the corporate LAN, acting as a malicious insider. Different types of penetration tests can be performed with different goals in mind: a “white box” test, which can leverage provided information or the results of a vulnerability assessment, and a “black box” test, which is performed with limited knowledge of the organization’s assets and defenses.
Below are the different types of penetration tests CDL typically conducts:
- Network Penetration Testing – Involves hacking an organization’s network using network-based attack vectors. Client-side attack vectors, which include a few social engineering techniques, can also be performed.
- Application Penetration Testing – Involves in-depth testing of applications (web, database, software, mobile), reverse engineering, and identifying/exploiting vulnerabilities in order to gain unauthorized access to data.
- Social Engineering – Involves testing an organization’s information security awareness and employee training by hacking “people” in order to gain sensitive information. Examples: phone and email phishing, social networking, impersonation, etc.
- Physical Security Testing – Involves testing an organization’s physical security controls and defenses by breaching facilities and gaining physical access.
- Red Teaming – A penetration testing method that truly takes on the real-world “hacker” perspective and tests an organization’s complete security defenses and incident response. A red team exercise involves “black box” testing, in which the team has limited knowledge of the target’s defenses, and uses multiple physical, social, and network attack vectors to achieve a goal. More evasive hacker techniques are used in order to test the preventative, monitoring, and incident response effectiveness of an organization.