Offensive Security Testing: Offense is Your New Defense

Michael Lassiter • November 14, 2022

Be More Secure With Offensive Testing

Penetration Testing: It works WITH You

Penetration testing has long been seen in the cybersecurity industry as a solely offensive security measure. Although the procedure is offensive in nature, it can be used to protect an entity from compromise by an attacker. In some circumstances, a penetration test can discover evidence of a possible data breach or an unknown intrusion in a network. It also gives possible attack vectors a chance to be mitigated or patched before they can be compromised.

WHY ISN'T INTRUSION PREVENTION ENOUGH?

Intrusion prevention systems (IPS) are often implemented to block malicious activity and prevent intrusion attempts from an external attacker. These countermeasures rely heavily on pre-configured rules and settings that collectively raise an alert on suspicious activity. Intrusion prevention systems are also known for generating false positives, because at times they are unable to distinguish between malicious and normal traffic. A black hat hacker could take advantage of this flaw and disguise intentionally malicious traffic as normal traffic by interacting with an open yet unnecessary port and service.

Which Do I Need? Penetration Testing or Red Team Engagement?

The needs of the agency, company or organization determine whether there is a use case for a penetration test or a red team engagement. Contrary to common belief, red teaming and penetration testing are not entirely synonymous, because the scopes of the two processes are strongly distinct. The primary goal of a penetration test is to discover as many vulnerabilities as possible and properly exploit them within the guidelines of the scope. Some compliance standards, such as PCI DSS and ISO 27001, require penetration testing, and also require it when a significant change to the infrastructure has taken place. Being aware of vulnerabilities and weaknesses is an absolute necessity when compliance expects the entity to be knowledgeable of the threats.

The sole purpose of a red team engagement is to test the response capabilities of the agency and the alert communication strategies of the client. The target of a red team engagement is typically more focused than that of a penetration test, and the engagement lasts much longer than a penetration test. Because the red team agrees upon goals that fall within the rules of engagement, it targets specific vulnerabilities whose compromise could lead to achieving those goals.


