Penetration testing
The penetration test is an authorized attack against an information system which is used to simulate a real attack that could be perpetrated by a black hat hacker.
Penetration testing is a very important part of the information security program and is needed in order to find hidden vulnerabilities in the information system. Many organizations implement vulnerability assessment tools but do not add penetration testing to their overall testing methodology. Penetration testing is important because it allows the information security program to uncover vulnerabilities that are not easily captured through automated means. The penetration tester takes their information security knowledge and uses it to systematically break into an information system even when a vulnerability scanner has not found a vulnerability present.
Remember that there are various levels of penetration testing:
- Those that are fully engaged and coordinated with your business and its operations personnel
- To red team penetration testing, which is the same as a black hat
Also, remember that penetration testing covers a full array of activities that include:
- Physical security test
- Network intrusions
- Social engineering, and so on
A penetration testing engagement from a white hat / ethical hacker can include services such as:
- Collecting trash from trash cans and dumpsters in order to look for passwords and intellectual property
- Pretending to be the organization's helpdesk in an attempt to retrieve user passwords
- Social engineering attacks such as phishing and spear phishing attacks
- Web-based application attacks
- Vulnerability scanning
- Port scanning and so on