What is a Penetration Test?
This is the first article in a series explaining the different types of penetration testing — or “pen tests” for short. While many people might know they need a pen test, the term “pen test” can actually mean different things, depending on what you’re testing and from what perspective. This series will give an overview of each of the different types of penetration tests, with a view to helping IT and security teams decide which type of penetration testing they might benefit the most from.
So what is a penetration test?
Conducting a pen test involves tasking a security professional (or team of professionals) with taking an attacker’s perspective to try to find the security holes in your systems before the hackers do. They will use the same techniques that a real attacker would use, whilst being careful to carry out tests in a manner which avoids causing any damage to your live systems. The idea is to discover the vulnerabilities in your systems and inform you of any security holes which can subsequently be shored up. All types of penetration testing culminate in the delivery of a formal report, with advice on how to fix all of the issues that were found.
As we’ve said above, there are many different flavours of penetration test, some of which include:
- Perimeter Testing
- Web App
- Social Engineering/Phishing
- Red Teaming
But without further ado, let’s introduce the first type of pen test in the series:
Perimeter Penetration Testing
Otherwise known as an “External Pen Test”, the perimeter test involves taking a more conventional “Hacker’s-Eye View”. This type of test is carried out in a way which would emulate a hacker sitting on their computer, somewhere on the internet. The aim is to find ways to compromise your systems or steal your data by finding vulnerabilities in your systems, software and services which are exposed to the open internet, your “Internet-facing” systems.
Typically these types of test will involve scanning for and (where possible) safely exploiting “Known Vulnerabilities” in software and hardware. ‘Known vulnerabilities’ is a phrase used to describe programming flaws in software which are already known to the security community, as they have either been publicly disclosed by a security researcher or a product vendor. Information on how to exploit these known vulnerabilities is often freely available to hackers and security professionals, and so having known vulnerabilities present in your systems is a serious threat.
Perimeter penetration testing will identify these flaws using a number of methods. This can include grabbing banners that your systems are broadcasting containing software version numbers, and attempting exploits to test if you are vulnerable.
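To make the banner check concrete, here is an added example (not code from the original article or from Intruder) that audits banners you have already recorded from your own internet-facing hosts. The sample banners, the addresses and the `MIN_ALLOWED` policy are constructed for illustration, and the function names are hypothetical.

```python
import re

# Constructed sample banners (documentation-range addresses), as recorded from your own hosts.
SAMPLE_BANNERS = {
    ("203.0.113.10", 22): "SSH-2.0-OpenSSH_7.4",
    ("203.0.113.10", 80): "HTTP/1.1 200 OK\r\nServer: Apache/2.4.29 (Ubuntu)\r\n\r\n",
    ("203.0.113.11", 25): "220 mail.example.com ESMTP Postfix",
    ("203.0.113.12", 21): "220 (vsFTPd 3.0.3)",
    ("203.0.113.13", 443): "HTTP/1.1 200 OK\r\nServer: nginx\r\n\r\n",
}
# Hypothetical patch policy (constructed values, not vulnerability data).
MIN_ALLOWED = {"openssh": (8, 0), "apache": (2, 4, 50), "vsftpd": (3, 0, 3)}

VER = r"(?P<version>\d+(?:\.\d+)*)"
PATTERNS = [
    re.compile(r"^SSH-[\d.]+-(?P<product>OpenSSH)_" + VER, re.I),
    re.compile(r"^Server:\s*(?P<product>[A-Za-z][\w-]*)(?:/" + VER + r")?", re.I | re.M),
    re.compile(r"^220[ -].*?\b(?P<product>vsFTPd|Postfix|Exim|ProFTPD)\b(?:\s+" + VER + r")?", re.I),
]

def parse_banner(banner):
    """Return (product, version tuple or None); (None, None) if unrecognised."""
    for pattern in PATTERNS:
        m = pattern.search(banner)
        if m:
            v = m.group("version")
            return m.group("product").lower(), tuple(map(int, v.split("."))) if v else None
    return None, None

def older(version, minimum):
    """Compare versions after zero-padding, so (8,) is not older than (8, 0)."""
    width = max(len(version), len(minimum))
    return version + (0,) * (width - len(version)) < minimum + (0,) * (width - len(minimum))

def audit(banners, min_allowed):
    """Classify each banner by what it discloses and whether it meets policy."""
    findings = []
    for (host, port), banner in sorted(banners.items()):
        product, version = parse_banner(banner)
        if product is None:
            status = "unrecognised"
        elif version is None:
            status = "no-version-disclosed"
        elif product in min_allowed and older(version, min_allowed[product]):
            status = "below-minimum"
        else:
            status = "version-disclosed"
        findings.append((host, port, product, version, status))
    return findings
```

Distribution packages often backport security fixes without changing the upstream version string, so a `below-minimum` result is a lead to confirm against the installed package version. A `no-version-disclosed` result only means the banner hides the version, not that the software is patched.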
If you haven’t conducted any kind of penetration testing before, a perimeter or ‘external’ test is often the best place to start, as the perimeter is the easiest thing for attackers to get to, and attackers always take the path of least resistance. So if you have trivial vulnerabilities in your perimeter, that’s where they’ll get you.
If you’re interested in what vulnerabilities you might have in your perimeter, make sure you check out Intruder’s free trial, to see whether you have any known weaknesses in your perimeter systems today. Be warned though, the vulnerabilities you have today might be different from the ones you have tomorrow, as around 8,000 new ones get discovered each year (about 20 a day)!
There are services out there to help deal with this problem, such as our Intruder Pro and Baseline services, that provide continuous, rolling perimeter penetration testing and vulnerability scanning. Our services provide a level of coverage unparalleled by scheduled yearly or quarterly scanning, since we are watching our customers’ internet-facing systems all the time. For more info, don’t hesitate to get in touch.
Next up in the series, we’ll discuss the other types of penetration test you might want to conduct after your perimeter test, so make sure to check back soon.