Today’s online criminals are sophisticated and out for financial gain, not bragging rights. Targeted, multipronged intrusions draw on a range of techniques and tools, including exploitable vulnerabilities, inside information, and sheer persistence. Could your systems stand up to these sophisticated threats? For many enterprises, the best way to find out is to attack yourself first, or hire somebody to do so. A good penetration test may spot security vulnerabilities before attackers do.
Our standard security product lineup focuses on the Internet as the attack vector, but that’s not the only way in. A determined attacker can break in by gaining the cooperation of an insider or even through physical access to buildings. To really test your defenses, you need to attempt penetration via all of these methods.
This Information Week article explores penetration testing some of the commonly exploited avenues into an organization, the upsides and downsides of outsourcing, and dealing with trust when choosing a pen-tester. After all, you are authorizing them to probe and penetrate your defenses. It would be reassuring to know that they are not just going to turn around and sell this intelligence to someone else…