Sunday, November 6, 2011

Security: What is penetration testing?

Although still an evolving concept, penetration testing is becoming more common and more critical for organizations housing confidential data.
What is penetration testing?
In simple terms, penetration testing is basically a planned attempt to hack into your system in order to determine any vulnerabilities and weaknesses. Testers simulate attacks from malicious sources and evaluate the effectiveness of your security measures. An assessment report is presented outlining the findings and, often, recommendations for improving security are provided.
Who needs it?
Many organizations, such as financial institutions and insurance companies, are subject to industry regulations requiring proof of due diligence in regards to securing data. Penetration tests not only demonstrate due diligence to the regulatory bodies, but also to consumers and customers, providing a deeper level of trust.
A thorough penetration test will safeguard against hackers or employee theft, saving the company from potential financial loss. The assessment also provides a guide for the best allocation of funds and resources.
How does it work?
A penetration test is an active analysis of your system. An attack is simulated and testers are able to look for poor system configuration, flaws in hardware or software and other operational weaknesses. At the conclusion of the test, an assessment is provided detailing the areas of potential weaknesses and vulnerability.
The test may detect:
  • Router or firewall penetration
  • Password guessing /sniffing / cracking
  • Web application attacks
  • SQL Injection
  • Cross-site scripting
  • Denial of Service (DoS)
  • Vulnerable port/service exploits
  • Social Engineering (human-directed) attacks
  • Password acquisition
  • Email spoofing
  • Phishing
  • Spear phishing
  • Wireless network attacks
  • Open or weak WLANs
  • Hidden or stealth WLANs
  • Encrypted WLANs authentication/handshake traffic
  • Wireless traffic
  • Information leaks