What area of your business would benefit the most from a penetration test? 
By: Chad HortonPenetration Testing ManagerCISSP, QSAPenetration testing is a form of ethical hacking that simulates attacks on a network and its systems. It goes beyond running an automated vulnerability scanner; the tests are performed by experts that dive deeper into your environment.In a previous blog post, Types of Penetration Testing: The What, The Why, and The How, we discussed the different ways a penetration test can be performed: black-box, white-box, and gray-box. We also told you why it’s a good idea for a business to have penetration tests performed regularly.So, what type of penetration test should you get for your business?
TweetWhat areas should you focus on? There are several tests or activities that penetration tests include. Here are a few you may want to consider.Network penetration test
The objective of a network penetration test is to identify security issues with the design, implementation, and maintenance of servers, workstations, and network services.Commonly-identified security issues include:Misconfigured software, firewalls, and operating systemsOutdated software and operating systemsInsecure protocolsThe remediation of commonly-identified security issues include:Reconfigure software, firewalls, and operating systemsInstall updatesEnable encryption or choose a more secure protocolSEE ALSO: Configuring and Maintaining Your Firewall with SecurityMetrics Managed FirewallSegmentation checkThe objective of a segmentation check is to identify whether there is access into a secure network because of a misconfigured firewall.Commonly-identified security issues include:TCP access is allowed where it should not beICMP (ping) access is allowed where it should not beThe remediation of commonly-identified security issues are the same:Reconfigure the segmentation control (firewall rules) to properly restrict accessSEE ALSO: New 3.2 Requirements for Penetration Testing and Segmentation: What You Don’t KnowApplication penetration testThe objective of an application penetration test is to identify security issues resulting from insecure development practices in the design, coding, and publishing of the software.Commonly-identified security issues include:Injection vulnerabilities (SQL injection, Cross-site scripting, remote code execution, etc.)Broken authentication (The log-in panel can be bypassed.)Broken authorization (Low-level accounts can access high-level functionality.)Improper error handlingThe remediation of commonly-identified security issues include:Re-design the authentication and authorization modelRecode the softwareDisable remote viewing of errors meant for developersFollow for more data security articles like thisWireless penetration testThe objective of a wireless penetration test is to identify misconfigurations of authorized wireless infrastructure and the presence of unauthorized access points.Commonly-identified security issues include:Insecure wireless encryption standardsWeak encryption passphraseUnsupported wireless technologyRogue/open access pointsThe remediation of commonly-identified security issues include:Update wireless protocol to an industry accepted protocol (WPA2)Replace the insecure passphrase with a longer, more complicated oneIdentify the open access point and disable itSEE ALSO: Wireless Access Point Protection: Finding Rogue Wi-Fi Networks
Social engineeringThe objective of a social engineering assessment is to identify employees that do not properly authenticate individuals, follow processes, or validate potentially dangerous technologies. Any of these methods could allow an attacker to take advantage of the employee and trick them into doing something they shouldn’t.Commonly-identified issues include:Employee(s) clicked on malicious emailsEmployee(s) allowed unauthorized individuals onto the premisesEmployee(s) connected a randomly discarded USB to their workstationThe remediation is always the same: training.Because the intent of this assessment is to take advantage of the trusting nature of employees, this type of assessment should only be done after employees have completed a training course on defending against social engineering attacks.SEE ALSO: Social Engineering Training: What Your Employees Should KnowWhich type of penetration test is right for you?For starters, choose the type of penetration test that focuses on the controls you are most concerned about:Web application or API = application penetration testInfrastructure = network penetration test (and possibly a wireless penetration test)People = social engineeringIf your objective is to obtain PCI compliance, at the very least, you’ll want to consider getting a network and an application penetration test.Once you have an idea on the type of test you would like and how comprehensive you would like the results to be, you need to decide from which perspective you would like testing to be performed.By making these decisions wisely, you can choose a penetration test that matches your business’ needs and budget.Need a penetration test? Talk to us!Chad Horton has been the Penetration Testing Manager at SecurityMetrics for over five years. His responsibility includes managing a team of eight employees who conduct manual assessments of web applications and corporate networks. In addition, Horton is QSA, CISSP, and CompTIA Security+ certified, and has written numerous web application tools to assist in exploiting vulnerabilities.