Your organization likely has some form of security system in place. This could involve relatively simple controls and procedures, and / or include advanced protocols and technologies that protect against a vast array of potential threats.
Ultimately however – how do you know whether someone is able to breach your security systems? More importantly – how would someone be able to succeed breaching your security systems?
You would test for this of course.
Security reconnaissance is basically running a simulation. This simulation involves an active analysis of the target system, to test for any potential vulnerabilities that may result from:
- Poor and / or improper system configuration
- Known and unknown hardware / software flaws
- Operational weaknesses (usually introduced accidentally in complex systems)
- Technical countermeasures producing unintended responses
- Other technology-based issues
Running such a simulation helps organizations understand where and how their IT systems are vulnerable, and help determine what threat vector(s) are capable of exposing these identified vulnerabilities.
Important: Simulations of this type are always run with strict guidelines, and the exact scope of such a simulation will always be determined between the vendor and client.
Penetration testing (or pentest) is a method of evaluating the security integrity of a system – by simulating an attack on the system from various internal and external sources. Such tests form a part of an overall security audit, and are legally mandated in some industries (such as PCI DSS for payment cards).
Penetration tests are valuable for several reasons:
- Determining the feasibility of particular threat vectors.
- Identifying higher risk exposures – that result from a combination of lower level vulnerabilities exploited in a particular sequence.
- Manually identifying vulnerabilities that may be difficult or impossible to detect through automated means.
- Assessing the magnitude of business / operational impacts due to a successful attack.
- Testing the ability of security systems (including their human operators) to defend against, and respond to particular attacks.
- Provide evidence to support increasing investments in security technology and personnel.
A security audit involves assessing the security integrity of a particular system. This can involve manual or automatic processes, and will often combine both in a comprehensive audit.
Running regular security audits is a great way to maintain confidence in the security integrity of a system. Often such audits are legally mandated by regulations in certain industries – for example PCI DSS in the card payment industry.
Security audits can involve:
- Interviewing personnel
- Reviewing physical security procedures and access controls
- Reviewing information access controls and user privileges
- Reviewing event logs
- Performing manual / automatic security vulnerability scans