1.Penetration Testing Overview
¿Qué son las pruebas de penetración?
Penetration testing tests your existing cybersecurity measures to try to find vulnerabilities that attackers could exploit. Pen tests give you insight into how attackers might try to breach your networks so you can close gaps and stay one step ahead.
Pen tests can be done in house, but generally they are done by a third party who uses a variety of tools and methods to try to penetrate your network. These tests resemble real-world attack methods attackers may use. The goal is to discover vulnerabilities, misconfigurations and other security weaknesses before an attacker can exploit them and put your organization at risk.
If an attack (or penetration from a pen test) is successful, the attacker could:
- Gain access to personal health information (PHI)
- Get access to personally identifiable information (PII)
- Steal credentials
- Steal data and records
- Launch malware
- Make lateral movements across your network (potentially for weeks or months before you even know they’re there)
- Access credit card and other financial information
- Disrupt business operations
- Hold your systems and operations hostage and demand a ransom
- Destroy your data
Pen tests help uncover weaknesses within your attack surface so you can make plans to remediate them before threat actors can exploit them.
Pen tests are a complementary component of your vulnerability assessment program. As part of vulnerability assessment, your organization should do routine vulnerability scans that give you insight into all the assets and vulnerabilities across your enterprise. Pen tests help you verify if an attacker can exploit these weaknesses and evaluate the success of your remediation efforts.
To build a comprehensive vulnerability assessment program, conduct vulnerability assessment scans on a continuous basis and then do pen testing periodically. Some compliance guidelines call for annual pen testing, but you may build a stronger cybersecurity program if you conduct these tests more frequently — for example, at least quarterly.
The Importance of Pen Testing
Here are some reasons why your organization should adopt penetration testing as part of your comprehensive cybersecurity program:
- Pen tests help you discover if you have vulnerabilities or other security weaknesses attackers could exploit to get access to your network, data and assets.
- These tests can give you insight into how well you’re meeting compliance standards and where you have security issues.
- Pen tests can also help you determine if your security controls are working as you expect them to.
- You can test applications your organization uses to see if there are programming mistakes that can give attackers access to your network.