KoolSpan U: Weekly Word Wednesday – Pen Testing

An important first step in evaluating the security of a computer or device is known as penetration testing, or pen testing, which is used to find system vulnerabilities that could be exploited by an attacker.

With many software applications, testing is often automated so that updates and changes to the application will be accounted for without the user needing to manually update. Tests typically gather information to identify possible points of entry before actually attempting to break in, at which point the testing program will report back with the results.

Some different penetration testing strategies include:

  • Targeted testing: Sometimes known as the “lights turned on” approach, everyone involved can see what happens as the test is carried out.
  • External testing: The targets for this type of test are externally visible servers and devices such as domain name servers, email servers, web servers and firewalls. Ideally, the results will identify if an attacker can get in and how far they can dig into the server or device.
  • Internal testing: This strategy is used to determine how much damage an authorized user with standard access privileges could do to a system.
  • Blind testing: Often a more time-consuming testing strategy, the information available for those making the tests is significantly limited in order to evaluate the potential for attacks by someone who may know nothing more than the name of the company or who owns the device or server.
  • Double blind testing: This strategy tests how efficient the current system is for identifying and responding to attacks by only having a very small group of people aware that the tests are being conducted.

And while Pen Testing is largely used to identify any weaknesses in current security measures, they can also be used to evaluate how well an individual or organization complies with security policies and reacts to the infiltration attempts.

If you’d like to learn about how you can protect your mobile data from hackers, take a moment to browse through our products.