Penetration Testing

External vs Internal Penetration Testing

Most penetration tests can be siloed into two main categories:

• External —External penetration tests try to exploit flaws from the outside of corporate confines, simulating the kinds of attacks that remote hackers would carry out on externally facing assets. This includes internet-facing systems like web applications website servers, open APIs, DNS infrastructure, and more.
• Internal —Internal penetration tests start from inside an organization's internal network. They're meant to mimic the kinds of attacks that can be carried out by a malicious employee or an outside attacker who has already gained a foothold in the network via phishing attacks or other malware attacks against employees' endpoints.

Why do Penetration Testing?

(You can’t fix what isn’t known to be broken)

• Assess real-world cyber readiness
• Uncover complex vulnerabilities, business logic flaws, and weaknesses in processes or employee training
• Find compliance violations and satisfy pen testing requirements from PCI-DSS and other regulations
• Document security gaps in technology and processes for auditor and executive review
• Prioritize remediation based on exploitability of issues discovered in your environment

How are Penetration Tests performed?

Our goal is to emulate the methodologies used by today's cyber criminals — you must think like your adversaries in order to beat them.

1. Scoping

Goals are set for the breadth of weaknesses that pen testers will probe for and systems or processes they're meant to target. Rules of engagement are set for the test methods and pen test frameworks that can be used, as well as where in the network or physical premises testers can operate.

2. Recon and scanning

Particularly important in black box testing, the reconnaissance phase has pen testers gathering intelligence about the network and systems through a range of methods, including network scans, social engineering, reverse engineering, and static or dynamic analysis of application code. Testers seek to map out as much information as possible to look for vulnerabilities they can exploit.

3. Gaining access

Once pen testers enumerate the network and system vulnerabilities, they begin the work of exploiting flaws to gain access to systems. Like attackers commonly do, they'll frequently seek to gain footholds on low-value assets, move laterally across the network, and escalate privileges on systems wherever possible.

4. Maintaining access and evading detection

Depending on the scope of engagement, pen testers tasked with mimicking advanced attackers may be called upon to seek persistence on systems they exploit and hide evidence of their network incursion to test how long (or if) the security team finds their simulated 'malicious' behavior.

5. Reporting and analysis

The best penetration tests are followed up with detailed reporting that offers analysis of which vulnerabilities or security weaknesses pen testers exploited to gain access, what sensitive information they were able to access, how long they were able to evade detection, and what that means for the organization moving forward. Pen testers should ideally offer guidance and prioritization on how a company should go about closing security gaps they've found, both through changes in technology and processes.