Last Updated on June 8, 2018
When your network goes through a penetration test, it’s a little like taking a journey on The Oregon Trail (remember that all-time-great video game?). Using a range of manual techniques supported by automated tools, your network infrastructure undergoes a simulated attack from malicious outsiders (and/or insiders) that will test its mettle and identify the key vulnerabilities and control weaknesses you need to mitigate to be secure.
Similar to the video game and unlike actually traveling 2,000+ miles to Oregon with your family in a wagon pulled by oxen in the mid-1800’s, it’s “all in fun” and safe for your business to undergo a penetration test. Also, like the game, the end goal is to learn experientially.
Taking the analogy one step further, just like many players of The Oregon Trail video game don’t make it to the Willamette Valley, many real-world networks succumb to a variety of critical vulnerabilities that expert penetration testers can leverage to steal user and administrative credentials, compromise critical components, intercept/exfiltrate data and hypothetically sow malware.
What’s the motivation for a network penetration test? Like setting off for Oregon in a covered wagon, you’re looking to improve your company’s economic prospects—by ensuring regulatory compliance or demonstrating security maturity to clients and prospects or management.
But just like a months-long overland trip to Oregon wasn’t a good plan for many nineteenth-century Americans, a network penetration test isn’t the right service for every organization. If you’re lacking basic security controls like patch management, a pen test won’t tell you anything you don’t already know.
Ready to take a hypothetical journey on The Penetration Test Trail? Download our Penetration Test Trail premium to get started.