Penetration testing (“pen test”) is a technique used by information security (InfoSec) professionals to find weaknesses in an organization’s InfoSec defenses. In a penetration test, authorized cybersecurity professionals play the hacker’s role.
Penetration testing attempts to circumvent digital safeguards by simulating an attack from hackers or an internal bad actor, using the same techniques that hackers use against companies every day. The results of a penetration test reveal (in advance) the vulnerabilities and weaknesses that could allow a malicious attacker to gain access to a company’s systems and data.
Some techniques used include brute-force attacks, exploitation of unpatched systems, and password-cracking tools. Organizations hire InfoSec experts with specialized training credentials—such as Certified Ethical Hacker (CEH) and Offensive Security Certified Professional (OSCP)—to conduct authorized attempts to breach the organization’s security safeguards. These experts begin the pen test by conducting reconnaissance, often creating an attack surface and internet footprint analysis to passively identify exposures, risks, and gaps in security. Once potential vulnerabilities are identified, the penetration testing team initiates the exploit attempts using automated tools to probe websites, firewalls, and email systems.
Successful exploits often involve multiple vulnerabilities, which are attacked over several days. Individually, none of the weaknesses is a wide-open door. However, when combined by an expert penetration tester, they produce a snowball effect that gives the tester an initial foothold inside the network from which they can pivot and gain access to additional systems.
Penetration testing is a useful technique for evaluating the potential damage from a determined attacker and for assessing the organizational risks posed. Most hackers and criminals go after low-hanging fruit: easy targets. Regular penetration tests ensure that the effort required to gain access to internal networks is substantial. The result? Most hackers will give up after a few hours and move on to other targets that are not so well defended.
Baird Brueseke has 25-plus years of experience leading companies and designing solutions to solve customer problems. He co-founded Wheb Systems, which grew from a two-person startup to become Captiva Software, a public company purchased by EMC. After Captiva, Baird’s interests turned to education and cybersecurity. He created a cloud-based portal, CLaaS (Computer Lab as a Service), which gives academic institutions the ability to deliver a hands-on computer science laboratory experience to distance learners.