#CyberAware – 4 FAQs on Penetration Testing
Penetration testing is one of the best practices to ensure a company’s infrastructure is secure from bad actors trying to get their hands on confidential information. On the occasion of this year’s National Cybersecurity Awareness Month (NCSAM) – #CyberAware – we want to discuss 4 of the most frequently asked questions about penetration testing.
What is the difference between a Vulnerability Assessment and a Penetration Test?
A vulnerability assessment is aimed at identifying known vulnerabilities in an organization’s infrastructure. This is helpful for establishing whether or not the company’s security measures are working. However, one does not actually exploit the vulnerabilities identified or consider the overall security management processes.
A penetration test (or pentest), on the other hand, evaluates the security of assets by running a series of planned attacks with the goal of finding and exploiting vulnerabilities. It is intended to be much more in depth, and a specific methodology must be respected.
In other words, the vulnerability assessment is a part of the penetration testing process, but the actual exploitation is in the next phase of the penetration testing cycle. Penetration testing is a more complete process, and goes as follow:
- Information Gathering
- Footprinting & Scanning
- Vulnerability Assessment
What are the different Types of Penetration Tests?
A penetration tester, much like an experienced ethical hacker, performs deep investigations of the remote system security flaws and test for all vulnerabilities, not just the ones that may grant them root access. Penetration testing is not about getting root. Some of the most common forms of penetration tests are:
- Web Application penetration tests — typically to find a company’s technical vulnerabilities.
- Infrastructure penetration tests — examines servers, firewalls and other hardware for security vulnerabilities.
- Wireless penetration tests — attempts to locate access points and weak encryption algorithms.
- Social engineering (simulated phishing) penetration tests — provides an independent assessment of employee susceptibility to phishing attacks.
- Mobile application penetration tests — aims at finding a company’s technical vulnerabilities on mobile apps.
Learn more about web application pentesting, mobile application pentesting and network pentesting here.
What should be included in a Penetration Test Report?
Any thorough and professional penetration testing report should provide a detailed breakdown of your findings in an easily interpreted format. It is your way of officially delivering and communicating the results of your tests with executives, IT staff, and the development team, so you have to remember to talk in a manner that non-security teams understand.
A next-level report should include the followings:
- The techniques used
- The vulnerabilities found
- All of the exploits used
- The impact & risk analysis for each vulnerability
- Possible remediation plan
Hint: Targeted tips on how to effectively remediate each vulnerability are the real value for the client.
What are the Limitations of Penetration Testing?
Undertaking a series of penetration tests are useful practices that will help strengthen an organization’s security, but they have their limitations. For example:
- Limitations of scope
- Limitations of time
- Limitations on access
- Limitations on methods
Read more about the different penetration testing limitations here.
Learn networking and programming skills up to the most important basics of penetration testing with the Penetration Testing Student (PTS) training course.
Connect with us on Social Media: