What is Penetration Testing?
A penetration test is a method of evaluating the security of a system or network through an authorised simulated attack from malicious outsiders, with the aim of identifying vulnerabilities which can then be solved.
Also known as ‘red teaming’ or ‘ethical hacking’ the tests involve manual techniques and automated tools to exploit weaknesses. The end goal is to develop effective security measures to prevent or combat various types of attack.
When should I start penetration testing?
In order to get the most benefit from a series of penetration tests, a thorough Security Assessment will have firstly been carried out, followed by the recommended remedial work and any relevant compliance requirements.
There are various categories of penetration test, which RedQor can advise on prior to implementing. These ensure that the security of an entire environment can be tested, using the same tools and techniques as an adversary would use.
Scenario Based
Testing a specific threat or source (e.g. hacktivists, cyber terrorists, employees or competitors).
Target Based
Testing a range of specific data assets, locations, applications or sub-networks.
Persistent
An extension of a Scenario Based test, that takes place over a period of time.