Over the last 3 months I have been devoting a large number of hours towards the art of Penetration Testing (Pen Testing). I thought I would write a post about this subject to explain what it is. It is one of the new services I offer my clients.
A penetration test is the process of actively evaluating your information security measures by simulating an attack from a malicious source.
Data systems, applications, websites and any other software can be tested remotely. Physical security, wireless networks and personnel security audits are normally conducted on-site.
Examples of areas that are commonly tested:
- Software (OS, applications, databases, networks etc)
- Bespoke development (dynamic websites, in-house apps etc)
- Wireless (Wi-Fi, Bluetooth, IR, GSM, RFID etc)
- Personnel (screening process, social media etc)
- Physical (access controls, rubbish diving etc)
The remote penetration test is normally the first stage of a larger security audit (the first two areas listed above). Initially I conduct the test in “black box mode”, meaning that I require no information other than the company name. I will then search for all IP addresses and routes into the organisation, forcing my way into the internal network and website. Thereafter, I duplicate my tests with low-level usernames and basic permissions.
Once I have completed the test, I provide a full report of all the risks and appropriate solutions. The report is divided into three chapters: firstly, a management report outlining my findings without technical complications; secondly, the technical details required for the IT department; and thirdly, a description of the process. Thereafter, I can quote to implement the recommendations, or advise on organisations that may be better placed to action them.
For more information about my services, please visit MVI Data Recovery.

