Pen testing is a method of assessing a company's security by attempting to break in, acting as a real attacker would. This is essentially a fire drill for technical controls and a good way to find flaws before an attacker discovers them. Companies want to test every aspect of their technical environment to ensure there are no weak spots.
In this article, we will cover the pros and cons of pen testing in each type of environment. A con here is a CONsideration: there are rarely true reasons not to test something, but there are things to think about so that a smooth and effective test is conducted.
Network Services
Network testing covers the internal and external portions of the network. This is a very standard and traditional type of pen test.
Pros
- Get a good understanding of patch management
- Know what ports and services are available
- Discover hidden or forgotten assets
- Find misconfigurations in network protocols
- Understand what a hacker would do once they got into the network
Cons
- May result in network latency or outages
- Internal testing requires IT support
- Notification of ISPs may be required
- Employees may be concerned if alerts are generated
Web Application
Web applications are on the rise and, now more than ever, important to test. A data breach may cost a company its reputation. Read below for the pros and cons of web app pen testing.
Pros
- Find vulnerabilities in the application
- Discover unintentional content or functionality
- Test each user level for privilege escalation
- Check libraries for out-of-date or vulnerable components
- Code review finds vulnerabilities before they are released
- Test business logic
Cons
- If testing a production site, there may be app breakage
- If testing a development site, there may be differences from production
- Ensure that no production data is leaked or tampered with during testing
- Credentials for testing must be disabled after use
Client-Side
Testing client-side applications is often skipped because many people focus on the server side. However, it is important to test each component to find all types of exposure.
Pros
- Discover vulnerable functionality and business logic flaws
- Test traffic security and data protection
- Utilize forensic techniques to ensure no data is leaked
- Cover desktop and mobile apps for a full understanding of the application architecture
Cons
- Ensure testing is done in as many deployment environments as possible
- Testing may discover sensitive data in unexpected places
Wireless
Wireless testing aims to test two scenarios: can someone break into the wireless network, and once connected, what is available.
Pros
- Test the strength and rigor of the wireless authentication security
- Find wireless problems, such as signal leakage
- Ensure segmentation is properly defined
Cons
- May result in network outages
- Someone walking around plugging in devices may look suspicious, so ensure testers are given badges or passes
Social Engineering
Social engineering is the act of testing the human component of technology. This can be through phishing, phone calls, USB drops, and more.
Pros
- Understand the human weakness and how to correct it
- Find the most vulnerable vectors
- Test employee training
Cons
- Employees may get annoyed
- Suspicious behavior by testers may get reported
- Testing may get caught in existing filters and defeat the test
Physical Penetration Testing
Physical pen testing is a way to test the physical security of technology. It aims to find weaknesses that a physical intruder would be able to reasonably exploit. This can include: server room door security, front door locks, passwords on sticky notes, exposed sensitive documents, network jacks without security, rogue wireless detection, and more.
Pros
- Find flaws in physical protection mechanisms
- Ensure employees are keeping data safe
- Test employee access controls
Cons
- Suspicious behavior by testers may get reported
- Testers need access to the physical location, and this can be expensive if more than one geographic area is tested
Conclusions
It is important to test each and every aspect of the technical environment, but doing so has considerations. Knowing what each test requires will yield the best results and a smooth test with few interruptions. Having a testing company that communicates effectively with your team is important, as that can be the difference between a network outage and an easy test.