Penetration Testing - Definitions and Useful Links

Penetration testing is defined by SANS as: "The authorised, scheduled and systematic process of using known vulnerabilities in an attempt to perform an intrusion into host, network or application resources."

Typically, the penetration testing approach combines automated tools with manual investigative methods. The overall objective is to identify system deficiencies so that they can be remedied before others take advantage of them. This remedial programme will typically comprise a combination of upgrading software, applying patches and bug fixes, removing unnecessary access privileges, house-keeping system security policies and making general improvements to overall network security through software configuration or installation of additional hardware.

However, penetration testing is not a simple one-off exercise, as systems rarely remain static and new vulnerabilities are being identified all the time. We therefore recommend that the penetration test/system audit is repeated on a regular basis (e.g. every 3-6 months) in order to maintain a satisfactory level of security.

The following sites provide useful material about penetration testing:

The Open Web Application Security Project (OWASP) - an open source community where people can advance their knowledge about web application and web services security issues.

The Open Source Security Testing Methodology Manual (OSSTMM) - an open standard methodology for performing security tests.
The SANS (SysAdmin, Audit, Network, Security) Institute - the largest source for information security training and certification in the world. It also develops, maintains, and makes available at no cost, the largest collection of research documents about various aspects of information security, and it operates the Internet's early warning system - Internet Storm Center.

Green - Everything is normal. No significant new threat known.
Yellow - We are currently tracking a significant new threat. The impact is either unknown or expected to be minor to the infrastructure. However, local impact could be significant.
Orange - A major disruption in connectivity is imminent or in progress.
Red - Loss of connectivity across a large part of the internet.