Penetration testing is a crucial tool for analysing the security of your company’s systems, but it’s not a magic pill. Cyber attacks have been on the rise in 2021, and they seem to become more complex each time. Attacks have been hitting front-page news, and the topic has caused alarm among many businesses, large and small. Penetration testing, also known as pen testing, is designed to simulate a real-life cyber attack and so determine how secure your company’s systems are. At Cambridge Support our IT experts are highly skilled in testing systems, and this article will improve your knowledge of pen testing.
What Is Penetration Testing?
Penetration testing is a method of breaching some or all of a system’s security to identify vulnerabilities. It should be viewed as providing assurance in your company’s vulnerability assessment and management process. However, penetration testing shouldn’t be used as the primary method for finding vulnerabilities in a system. A good analogy is a financial audit. A finance team within a company tracks the company’s expenditure and income on a daily basis. An audit by an external consultant then ensures that the finance team is doing a good job. A penetration test is much the same. Read how Cambridge Support can help you with your pen testing.
The term ‘Ethical Hacking’ may be known to you, and this is what penetration testing involves. The goal is to hack the company’s system, in an ethical manner, to find vulnerabilities and recommend solutions for them. These solutions serve to provide higher security and protect the company’s IT systems.
The 5 Stages Of Penetration Testing
The penetration testing process has five key stages:
Planning and Reconnaissance
This first stage involves defining the scope and goals of a test. This includes the systems that need to be addressed and the testing methods that need to be used. It also involves gathering intelligence, such as network and domain names and mail servers, to understand how the target works and where it may be vulnerable.
Scanning
This second stage involves using technical tools to bring together intelligence on the target. This is typically carried out with two forms of testing:
- Static Analysis: This analysis inspects an application’s code to determine the way it behaves while running. This can be carried out in a single pass.
- Dynamic Analysis: This analysis differs in that it inspects the application’s code while it is running. This method is more practical in the sense that it provides real-time detail on how the application performs.
Gaining Access
Web application attacks are then used, such as cross-site scripting, backdoors and SQL injection, to uncover the target’s vulnerabilities. The testers then try to exploit these vulnerabilities, normally by escalating privileges, intercepting traffic, stealing data and more, to understand the damage they can cause.
Maintaining Access
In this stage, the goal is to test how long the tester can remain in the exploited system without being detected. The aim is to achieve a persistent presence within the system, staying undetected for as long as possible and long enough for the tester to gain deeper access.
Analysis
Finally, an analysis is provided in the form of a report. This report will show the specific vulnerabilities found, any sensitive data accessed and how long the tester remained in the system undetected. The tester must also return the system to its original state.
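The "how long the tester remained undetected" figure can be derived by lining up the tester's activity log against the alerts the defenders actually raised. The following is an added example, not code from Cambridge Support; the hosts, timestamps, actions and function names are constructed for illustration.

```python
from datetime import datetime

# Constructed sample data (hosts, times and actions are invented for illustration).
TESTER_LOG = [
    ("2021-06-01T09:00:00", "web01", "initial access"),
    ("2021-06-01T09:40:00", "web01", "privilege escalation"),
    ("2021-06-01T11:15:00", "db01", "lateral movement"),
    ("2021-06-02T08:30:00", "db01", "test data read"),
]
ALERTS = [
    ("2021-06-01T08:10:00", "web01"),  # raised before the test began: unrelated
    ("2021-06-01T13:05:00", "web01"),
]
TEST_END = "2021-06-02T17:00:00"

def _ts(s):
    return datetime.fromisoformat(s)

def dwell_report(tester_log=TESTER_LOG, alerts=ALERTS, test_end=TEST_END):
    """Per host: was the tester detected, and how long did they go unnoticed?"""
    report = {}
    for host in sorted({h for _, h, _ in tester_log}):
        actions = sorted((_ts(t), a) for t, h, a in tester_log if h == host)
        first = actions[0][0]
        # Only alerts at or after the first tester activity count as detection.
        hits = sorted(_ts(t) for t, h in alerts if h == host and _ts(t) >= first)
        # If nothing fired, the tester was unnoticed until the test ended.
        until = hits[0] if hits else _ts(test_end)
        report[host] = {
            "detected": bool(hits),
            "undetected_for": until - first,
            "actions_before_detection": [a for t, a in actions if t < until],
        }
    return report

if __name__ == "__main__":
    for host, row in dwell_report().items():
        print(host, row["detected"], row["undetected_for"],
              row["actions_before_detection"])
```

Hosts that come back with `detected` set to `False` are the ones where monitoring coverage needs attention first.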
What Could The Vulnerabilities Be?
Vulnerabilities are security gaps in anything that is digital or any physical asset. The National Cyber Security Centre defines a vulnerability as:
“A weakness, or flaw, in software, a system or process. An attacker may seek to exploit a vulnerability to gain unauthorised access to a system.”
Gaps in security can therefore occur in the following areas:
- Databases
- Servers
- Shared resources
- Networks
- Software applications
- Wireless devices
- Security controls
- Physical access points to the business
- Source code
- Authentication mechanisms
This is by no means a comprehensive list; there are many more. However, it paints a picture of where vulnerabilities can lie. A penetration test is therefore extremely important, because it can identify the weak points in many aspects of your business. A plan should then be established to eliminate the possible risks.
How Cambridge Support Can Help
Cambridge Support can conduct a penetration test for you. We can assess your current IT systems and practices and provide detailed reports and solutions. We have extensive experience in many security-focused services, including much more than penetration testing. Cambridge Support offers Cyber Essentials, security audits and Microsoft 365 audits. We would be happy to review your current security and determine if there are any areas for improvement.
If you have any questions about pen testing, we would love to hear them and will be more than happy to discuss them. To find out more, please contact us on 01223 921 000, or email us at ask@cambridgesupport.com.
“Cambridge Support – A personal approach in everything we do”