Hitachi

U.S.A.

Hitachi Group Global Network

Americas

Asia

Europe

Middle East and Africa

Oceania

Close

The Elements of a Quality Penetration Test
You are here: Home \ Penetration Testing \ The Elements of a Quality Penetration Test
jigsaw puzzle
Posted on Tuesday, August 1st, 2017 by

 

Penetration testing (or pen testing) should be part of every IT security team’s toolkit. There is no better way to ensure your systems are safe from attack than to deploy your own red team to attempt a breach. But what are the elements to a high-quality pen test? We recommend these five steps.

 

 

  1. Identify a vulnerability.

This step begins with a vulnerability assessment (VA). Work with a trusted partner to perform your VA, because the output will likely rival the phone book in size. Make sure you have someone knowledgeable to guide you through the process. Work together to determine which assessed vulnerabilities are most concerning and warrant pen testing as the next step toward repairing weaknesses.

 

  1. Design an attack.

Once you’ve identified a target system and a particular goal, do your reconnaissance work. Gather whatever data and information you can about the pen test target, and conduct a scan of the current system defenses. With this information in hand, create a plan to gain access to the target.

 

  1. Deputize your red team.

Assign the pen test to ethical hackers. A partner can help you recruit the most skilled team to play the role of cyber criminal.

 

  1. Determine your exposure.

If the red team is able to breach your defenses, what kind of data would they be able to steal from your critical systems? And what is the potential value of that data if it were to fall into the wrong hands?

 

  1. Act on your findings.

The moment the pen test breaches its target is just the beginning. It is the starting point on the highest priority project on your IT security to-do list. Managed security services can be an asset in making sure that what you do next cost-effectively protects your IT infrastructure, meets compliance regulations and strengthens your vulnerabilities.

 

Ready to learn more about the elements of a quality pen test? Download our free e-book, “Pen Testing: Thinking Like Your Enemy Yields World Class Security.”

Download Penetration Testing: Think Like Your Enemy

Robert Bond
About author:
Robert Bond is the Director of Marketing at Hitachi Systems Security. Robert is responsible for the education of prospective customers as well as the satisfaction and engagement of current customers. Robert has been in the information technology, security and digital forensic industries for over 15 years. He has a Bachelors degree from the University of Maryland and an MBA in marketing from Indiana University.

Latest Webinars | Watch Now

 

The Next Generation of Managed Security, in collaboration with PCM.

Watch Now

Reporting Data Privacy Obligations to the Board: A Practical Approach to Ongoing Compliance, in collaboration with Nymity.

Watch Now