You may have heard about penetration testing, and have decided to dig a bit deeper to see if this cybersecurity testing can help your organization against threat actors — suddenly you’re lost in a jungle of jargon, asking yourself some confusion questions:
“What’s the difference between external vs. internal network penetration testing? Which do you need and when? How does social engineering come into play? Just how many types of penetration testing are there?”
We’ve got the answers to these questions and more as we explore the seven types of pentests to help you fortify your business from every angle:
Mitnick Security uses penetration testing to identify weaknesses and vulnerabilities that a threat actor could use to wreak havoc on your organization. In a penetration test, a simulated attack is performed by cybersecurity experts to discover how a threat actor could compromise your organization.
Penetration testing is an advanced form of testing because it catches vulnerabilities that wouldn’t be caught by ordinary vulnerability scans. After the engagement, you’ll receive a comprehensive Pentest Report that includes the findings along with remediation recommendations. What areas of your organization are tested and how depends entirely on the type of penetration test.
External Network penetration testing looks at your current wealth of publicly available information or your externally-facing assets. The assessment team tries to leverage vulnerabilities they found while screening your organization's public information or attempts to gain access to data via external-facing assets, like company emails, cloud-based applications, and websites.
For example, an external pentester — an ethical hacker — may try to remotely breach your firewall or try to use public and private data gathered from leaked data breaches, OSINT, internally developed tools, credit bureaus, etc. to crack a password. These are the same attack surfaces that a malicious hacker may try to exploit. Once you understand how the pentester breached your defenses, you’ll be one step closer to keeping the actual bad guys at bay.
An internal network penetration test begins where the external pentest ends — from the inside of your organization’s outer defenses. Under this simulation, a pentester assumes the role of a malicious “insider,” such as an ill-intended employee who has a certain level of legitimate access to the internal network.
These scenarios role-play what could happen should a rogue employee, contractor, or cybercriminal masquerading as a staff member attempt a hack from the inside. Pentesters look at the impact of confidential information being unwillingly disclosed, altered, misused, or destroyed. Then, they use that data to recommend better controls over employees. This may include enhancements to system privileges of access, improper patch management, little or no segmentation, vulnerable applications, and protocol abuse (LLMNR and NBT-NS).
Social engineering testing assesses how susceptible your staff is to exposing confidential information. Social engineering involves an attempt to gain the trust of an employee, usually by tricking them into sharing private data or performing an action that exposes data to a masked malicious actor.
Phishing emails are a prime example of a social engineering ploy. A hacker may pose as a manager (using a very similar email address) and ask an employee to share a login or transfer money under urgency. White hat penetration testers may try to exploit your staff into sharing protected information to reveal the need for more in-depth employee security training and management. As a popular tactic among threat actors, social engineering is even mentioned in guidelines for some industries’ security standards.
Not all attacks are digital in nature. Physical penetration testing simulates an intruder's physical breach of your security controls. Assessors may pose as delivery personnel to attempt to gain access into your building or, quite literally, break into your office to provide proof of real-life vulnerabilities.
This type of penetration testing looks far beyond just physical theft; it also considers sneaky threat actors, like those who may plug a malware-injecting device like a USB Ninja Cable into a computer to tap into your network.
Some organizations are the victims of wireless security breaches. Anyone within the given vicinity of your wireless internet connection could “eavesdrop” on the wireless traffic flowing across your organization by exploiting a vulnerability in your network.
Unfortunately, tools for wireless hacking are now available in full-blown suites that offer simple “point and click” usability — so that even novice hackers can access data. A wireless pentest helps to ensure your WiFi and wireless devices/protocols are properly safeguarded.
Your organization may need application penetration testing if you create, sell, or use multiple applications. This pentest focuses on vulnerabilities within your applications: from their design and development to implementation and actual use. Assessors look for flaws in the apps’ security protocol, including missing patches or exploited holes in externally-facing web applications, applications that run on internal networks, and applications that run on end-user devices and remote systems.
Because hacking techniques and application updates evolve daily, it’s important to frequently test your apps for new vulnerabilities — and to understand that scanners alone just don’t cut it as they usually only capture “the low-hanging fruit” problems in software code.
Red teaming refers to a military reference, whereas attackers (the red team) compete against defenders (the blue team). Savvy organizations hire external, independent assessors to play as Team Red, who pose a simulated attack on your systems and networks — using a combination of the six types of penetration testing above to improve your forces against actual adversaries.
Penetration testing gives you the opportunity to see what the threat actors see — without the damage. Organizations can identify and mitigate risks by adding pentests to their cybersecurity plan. However, it can be difficult to figure out which penetration testing types you need and when. A cybersecurity consultant can help you meet the specific needs of your organization.
Kevin Mitnick and the Global Ghost Team maintain a 100% success record of exposing vulnerabilities during pentesting. In test after test, Mitnick Security proves that even the most well-protected organizations have holes in their defenses. We don’t just think your system has weaknesses, we know it. Thankfully, we’re on your side and consider ourselves your partner in improving your organization's cyber security posture.
To learn what your risks are and how to mitigate them, request more information about our Penetration Testing Services today.