Reality dictates that organizations today must consider the safety assessment of their systems. This makes it possible to assess what level of security of the organization. Such assessments are called Penetration Test or penetration test.¿What is a Penetration Test?
A penetration test is evidence offensive against existing defense mechanisms in the environment being analyzed. These tests range from the analysis of physical and digital devices to the human factor analysis using Social Engineering. The objective of these tests is to check under extreme situations what is the behavior of the defense mechanisms specifically seeks to detect vulnerabilities in them. In addition, those faults of controls and gaps that may exist between the critical information and identify existing controls.¿Why is it necessary to conduct a Penetration Test?
There are many cases where organizations suffer incidents that could have been avoided if the protection mechanisms had been reinforced at the time. The incidents include events such as information leakage, unauthorized access, data loss, among many others. The analysis of the mechanisms of protection should be a proactive task allowing the pentester (person who carries out the audit) find vulnerabilities within them and provide a solution before a cybercriminal take advantage of this weakness.
¿What activities comprises a Penetration Test?
A Penetration Test comprises multiple stages with different types of activities in different areas and environments. The depth with which the activities carried out will depend on certain factors, including the risk that can lead to the client any of the methods applied during the evaluation highlighted. a prior agreement with the customer is established to carry out the various phases of analysis, as described below:Recognition phase: Possibly, this is one of the longest stages demands. In addition, objectives are defined and all possible information which will then be used throughout the following phases are collected. The information sought ranging from names and email addresses of the employees of the organization to the network topology, IP addresses, among others. Note that the type of information or the depth of the investigation will depend on the objectives that have been set in the audit..
Phase scanning: Using the information obtained previously possible attack vectors are sought. This stage involves scanning ports and services. Later scanning vulnerabilities that will define the attack vectors is performed.
Enumeration phase: The objective of this stage is to obtain data concerning users, hostnames, network services, among others. At this stage of the audit, active connections to the system are made and consultations run within it.
Access phase: At this stage finally access to the system is performed. This task is accomplished from the exploitation of those detected vulnerabilities that were exploited by the auditor to compromise the system.
Access Maintenance phase: After the access to the system have been obtained, is seeking ways to preserve committed available who has attacked the system. The goal is to maintain access to said system lasting over time.