A penetration test, also known as a pentest, is a form of network security probe to determine if there are any vulnerabilities, or areas that could possibly be penetrated by an unauthorized user. Basically, a penetration test is an authorized attack on a company’s network and computer system in order to determine the level of network security, and to expose any vulnerabilities that could put company information or assets at risk.
Differences between vulnerability scanning and penetration testing
Both vulnerability scanning and penetration testing are important for the security of a company or enterprise. Both forms of testing typically attempt to find the same results: vulnerabilities within the system. The methods are only different in the way they are carried out.
A vulnerability scan is typically a scan of the network system in order to find more commonly-used vulnerabilities. A vulnerability scanning tool uses a list of preset vulnerabilities that have been exposed in other computer systems, and scans for these vulnerabilities in order to determine if any of these specific vulnerabilities exist.
A penetration test can be carried out two different ways. A penetration test can be performed using penetration software and tools, or it can be carried out by a professional penetration specialist, typically a well-known professional hacking expert. Of these two methods, the professional penetration specialist is the most effective, as this test is performed by a real hacker—so the same techniques are applied that would be used in an actual attack on the company network by a skilled hacker.
Value of penetration testing
The value of penetration testing consists of several main benefits described below:
- Penetration tests identify vulnerabilities that are unable to be exposed with typical network and vulnerability scanning software.
- Penetration tests determine the strength of specific security programs and software, as well as the overall security of the network.
- Penetration tests expose high-risk vulnerabilities that may be exploited by performing a specific sequence of low-risk vulnerability exploits.
- Penetration tests expose flaws in the company threat response plan.
Penetration testing methods
Penetration testing is largely successful because it covers all locations within the company network. Even small, insignificant locations must be covered, because these are typically the locations where an attacker will gain access. Once the attacker has gained access to a small part of the network, even if it has limited access, he can use the limited access to gain access to more critical areas—sometimes by calling tech support pretending to be an employee having access issues.
Penetration tests also cover third-party applications, and assess the risk involved with their use. The tests are performed from outside the network, as well as within the network, due to the fact that an attacker could potentially gain access to less critical areas of the network, then use those locations to perform additional attacks in order to gain access to sensitive company information and assets.
Once the tests have been performed and the results analyzed, all problem areas must be patched or solved, and then the tests must be ran again. Once the network is secure, the tests can be stopped, but should be performed frequently in order to keep up with new threats.