Penetration Testing

Penetration Testing (aka Pen Testing, Ethical Hacking or Red Teaming) is where a network or system is tested by an external person acting as a hacker. They utilize many of the hacker methods and tools in an effort to gain further access or escalate privileges.

Penetration testing is a serious undertaking that must be correctly authorized and endorsed by high level management.

The benefits of a penetration test are:

A clear understanding of the current vulnerable security enforcing components

Vulnerable internal data and exploitable services are identified

Security Architecture can be ratified as being sufficient, value for money or worthless

Security procedures can be ratified as being accurate, current and effective

A word of caution, just as an MOT is only as good as the day it was written out, a secure system can be hacked the next day if the right (or wrong depending on your perspective) vulnerability is identified and exploit code released. Thus to be effective, penetration tests need to be undertaken regularly and their results both compared to previous tests and the recommendations acted upon.

Logically Secure can undertake both internet and internal penetration testing tailored to the clients’ needs their risk appetite, the system’s configuration and network’s threat vector (see also Vulnerability Testing and Web Application Testing)

Related resources

• Consultancy Services
• Incident Response Services
• Training Services
• HMG Accreditation Support Services
• Technical Services
  • Data Destruction
  • Vulnerability Testing
  • Web Application Testing
  • Wireless Discovery Testing