What is a Penetration Test?
Key components of a pentest typically include:
- Scope Definition: The scope of the penetration test is defined in advance, specifying the systems, networks, and applications that are to be tested.
- Authorization: Penetration tests should be conducted with proper authorization from the organization that owns or operates the systems being tested.
- Simulation of Real-world Attacks: Penetration testers (often called ethical hackers) simulate the tactics, techniques, and procedures that real attackers might use.
- Identifying Vulnerabilities: This could include flaws in software, misconfigurations, weak passwords, and other issues that could be exploited by malicious actors.
- Risk Assessment: Once vulnerabilities are identified, the penetration testers assess the associated risks.
- Reporting: After completing the testing, a detailed report is provided to the organization. This report includes information about the vulnerabilities discovered, the methods used to exploit them, the level of risk associated with each vulnerability, and recommendations for mitigating or remedying the issues.
- Remediation: Organizations use the findings from the penetration test to prioritize and implement security improvements.
Security posture assessments per regulation:
| Regulation | Summary | Mandated/Recommended | Relevant Section(s) |
|---|---|---|---|
| PCI DSS | payment processing | Mandatory – quarterly | 11.4.1 – 11.4.5 |
| HIPAA | health information | Recommended | 45 CFR 164.308(a)(1)(ii)(A) — 45 CFR 164.308(a)(8) |
| CMMC | CUI data | L1: Recommended — L2: Strongly Recommended — L3: Mandatory | NIST SP 800-171 — NIST SP 800-172 — CA.L2-3.12.1 |
| SOC2 | CIA of customer data | Recommended | CC4.1 (COSO Principle 16) — CC7.1 |
| ISO 27001 | managing infosec risk | Recommended | Control A.8.8 |
| SWIFT CSP | banking data | Mandatory – quarterly | CSCF Control 7.4A — CSCF Control 2.1 |
Network & Systems Assessments:
When pentesting networks and systems, we can perform these engagements from an external or internal perspective (or both). Our team will work with you to determine the scope and goals of the engagement.
Typical Activities:
- Internal perspective: Assess the environment from the viewpoint of an insider threat or a threat actor who has already established a foothold. This can reveal critical findings that would not be identified from an external viewpoint.
- External perspective: Assess the environment from an external attacker’s point of view. This is crucial for understanding how your environment is exposed to the outside world.
- Wireless environment: Assess private and guest Wi-Fi networks.
These assessments can assist in guiding internal efforts to increase security posture.
Physical Assessments:
A physical engagement in a cyber security penetration test involves real-world interactions with the target organization’s physical assets or personnel. It’s designed to identify vulnerabilities in the organization’s physical security measures.
Typical Activities:
- Social Engineering: Impersonating a legitimate employee, visitor, contractor, etc. to gain access to restricted areas or information.
- Physical Access Testing: Attempting to bypass physical security controls like locks, alarms, or surveillance systems.
By simulating real-world attacks, physical penetration testing helps organizations identify and address potential vulnerabilities in their physical security posture.
Web Application Assessments:
Web application penetration testing goes beyond automated checklists by simulating real-world attacks to uncover deep-seated logic flaws and critical vulnerabilities. We provide the actionable intelligence you need to proactively harden your defenses.
Typical Activities:
- Fuzzing: Supplying malformed and unexpected input to fields and parameters to surface handling errors.
- Injection: Probing whether user input reaches the backend database unsanitized.
- Broken Authentication: Attempting to bypass the login.
- Cross-site Scripting: Injecting script into pages that other users view.
- Privilege Escalation: Finding a route to elevated permissions.
The goal isn’t just to find “bugs”; it’s to demonstrate the real-world impact of a vulnerability.
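As an added illustration of the injection and cross-site scripting activities listed above (example code written for this page, not from the testing team or any client application), the block below shows a minimal lookup and comment renderer in a deliberately vulnerable form beside the hardened form. The `users` table, its rows, and the probe strings are constructed for the demonstration; the point is that the same probe returns every row from the concatenated query and nothing from the parameterised one, and that `html.escape` turns a script tag into inert text.

```python
import html
import sqlite3

# Constructed sample data for the demo (not real customer records).
ROWS = [
    (1, "alice", "alice@example.test"),
    (2, "bob", "bob@example.test"),
]


def make_db():
    """Build an in-memory SQLite database with a small users table."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, email TEXT)"
    )
    conn.executemany("INSERT INTO users VALUES (?, ?, ?)", ROWS)
    return conn


def lookup_vulnerable(conn, username):
    """Builds the query by string concatenation: attacker-controlled
    text becomes part of the SQL statement itself."""
    sql = "SELECT username, email FROM users WHERE username = '" + username + "'"
    return conn.execute(sql).fetchall()


def lookup_hardened(conn, username):
    """Parameter binding keeps the value as data, never as SQL syntax."""
    sql = "SELECT username, email FROM users WHERE username = ?"
    return conn.execute(sql, (username,)).fetchall()


def render_comment_vulnerable(comment):
    """Reflects user text into HTML verbatim (stored/reflected XSS)."""
    return "<p>" + comment + "</p>"


def render_comment_hardened(comment):
    """Escapes <, >, &, and quotes so the browser treats it as text."""
    return "<p>" + html.escape(comment, quote=True) + "</p>"


def demo():
    """Run both variants against a normal value and a classic probe."""
    conn = make_db()
    sql_probe = "x' OR '1'='1"            # tautology probe a tester would try
    xss_probe = "<script>alert(1)</script>"  # textbook script-injection probe
    return {
        "normal_vuln": lookup_vulnerable(conn, "alice"),
        "normal_safe": lookup_hardened(conn, "alice"),
        "probe_vuln": lookup_vulnerable(conn, sql_probe),   # returns every row
        "probe_safe": lookup_hardened(conn, sql_probe),     # returns no rows
        "xss_vuln": render_comment_vulnerable(xss_probe),   # tag survives
        "xss_safe": render_comment_hardened(xss_probe),     # tag is escaped
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The defensive takeaway is the difference between the two pairs of functions: the fix for injection is to bind parameters rather than build query strings, and the fix for cross-site scripting is to encode output for the context it lands in. The probes are what a tester uses to prove the finding; the report then points at the unparameterised query or the unescaped template as the item to remediate.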
