• About WordPress
    • WordPress.org
    • Documentation
    • Support
    • Feedback
  • Log In
  • Register
  • Blog
  • Courses
    • Introduction to Linux
    • Up and Running with Power BI in 2 Weeks
    • Introduction to Data analysis- with T-SQL
  • About Us
  • Contact Us
  • Cart

Have any questions?

dakota.staples@cybercode.ca
RegisterLogin
Cyber Code
  • Blog
  • Courses
    • Introduction to Linux
    • Up and Running with Power BI in 2 Weeks
    • Introduction to Data analysis- with T-SQL
  • About Us
  • Contact Us
  • Cart

Uncategorized

  • Home
  • Blog
  • Uncategorized
  • How and why ‘pen testing’ will continue to play a key role in cybersecurity

How and why ‘pen testing’ will continue to play a key role in cybersecurity

  • Posted by Dakota Staples
  • Date May 4, 2021
  • Comments 0 comment

Originally published on The Last Watchdog.

When we look at society today, we can see that we are moving further and further ahead with technology. Numerous advancements are being made at an extremely fast pace with no sign of slowing down. In fact, there is evidence that technology grows exponentially fast. Since we are quickly putting out large technologies, security risks always come with this.

Even large companies are not immune to this. Microsoft has had several security vulnerabilities including Zero Logon. Penetration tests are one way of mitigating the security risks that arise and make sure that we are not endangering users, their data, and the trust they inherently place in technology.

Penetration tests can be defined as the testing of a system to find security flaws in it. There are three main types of penetrations-black box, grey box, and white box which infosec institute defines. Each have various different goals and tasks.

Pen test types

Black box testing is taking the stance of an outside hacker who has prior or inside knowledge of the system. This type of test determines what is exploitable from outside the system and if the attacker is able to gain access to the system being tested.

Grey box testing is the next level of knowledge of a system. They would have access to the internal mechanisms of a system and maybe some privileges. This allows for testing of internal structures while still simulating an outsider threat who obtained internal access.

Finally, white box testing is last. This test has the most prior knowledge, they have access to all parts of a system, including elevated access, source code, and any other part of the system for analysis. This can test all parts of the system inside and out. It also could simulate a malicious employee.

In all of these tests, the goal is to simulate an attack, and to find and remove vulnerabilities that exist within the system.

Protecting critical systems

In our growing technological society, penetration tests are very important to the safety of our software and systems. Many do not realize, but safe software can literally be the difference between life and death. These cases are not isolated examples, either. Many critical systems like this exist, such as pacemakers and other medical systems, airplanes, and even cars. All of these are controlled by code and computers, and most importantly-can be hacked.

While not essential like the aforementioned systems, the security of other systems matters a lot too. This is important because personal privacy is important. If we do not secure these systems, our personal data can end up leaked, such as credit card numbers or addresses or passwords.

As mentioned earlier, technology is rapidly expanding. This massive expansion is the reason why penetration tests will remain essential in the current environment. More than ever, being one step ahead of hackers is crucial to keeping businesses safe. Depending on the scope of the test, many different results can be achieved. Penetration tests can find faults in software that has been developed, vulnerabilities in a business’ _network and test how resilient a company is to social engineering.

Compounding vulnerabilities

With regards to software or a network, businesses are constantly changing these. Whether it is a new update, or a migration to a newer system, all of these can introduce new vulnerabilities. Nowadays, software patches and fixes are very common and happen frequently.

While both attacks and defenses continue to evolve and even now can involve AI, human resistance to social engineering does not evolve much. It is astounding how far a person can get with the right outfit and a bit of confidence. Even phishing emails still continue to trick people. Relying on spam detection alone to catch phishing is not as valuable as trained employees as emails can still continue to get through and physical social engineering attacks can still take place.

What all of this means is that, as updates and rapid changes and growth in technology continue to happen, and hackers continue to social engineer, penetration tests will still be needed and remain essential.

About the essayist. Dakota Staples is a student the University of New Brunswick in Canada who is  pursuing at bachelor’s degree in computer science. He says he intends to earn a masters degree in applied cybersecurity, beyond that. Staples founded CyberCode.ca, a website about IT news and training.

Tag:pen testing

  • Share:
author avatar
Dakota Staples

Previous post

5 Social Engineering Attacks and How To Stop Them
May 4, 2021

Next post

A New Age of Digital Interconnection in the IOT
May 13, 2021

You may also like

dole777-EQSPI11rf68-unsplash
7 Tips To Secure Your Social Media Profiles
29 May, 2021
Internet of Things concept
A New Age of Digital Interconnection in the IOT
13 May, 2021
fabio-oyXis2kALVg-unsplash
8 Great Data Science Paths You Need To Know About
27 January, 2021

Leave A Reply

Your email address will not be published. Required fields are marked *

Recent Posts

  • How To Stay Secure Online With These 5 Tips
  • 5 Programming Languages You Need To Know
  • 7 Tips To Secure Your Social Media Profiles
  • A New Age of Digital Interconnection in the IOT
  • How and why ‘pen testing’ will continue to play a key role in cybersecurity

Recent Comments

    Archives

    • August 2021
    • July 2021
    • May 2021
    • April 2021
    • January 2021
    • December 2020

    Categories

    • Coding
    • Cyber Security
    • Data Analysis
    • Malware
    • Social Engineering
    • Uncategorized
    • Uncategorized

    Meta

    • Register
    • Log in
    • Entries feed
    • Comments feed
    • WordPress.org
    • Cookie Policy
    • Privacy Statement
    • Imprint
    • Terms & conditions
    • Disclaimer

    Copyright © 2022 Cyber Code

    Login with your site account

    Lost your password?

    Not a member yet? Register now

    Register a new account

    Are you a member? Login now

    Manage Cookie Consent
    To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
    Functional Always active
    The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
    Preferences
    The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
    Statistics
    The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
    Marketing
    The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
    Manage options Manage services Manage vendors Read more about these purposes
    View preferences
    {title} {title} {title}