What is a penetration test/pentest?

A penetration test, often referred to simply as a pentest, is usually a technical test that examines the IT security of a defined target - typically an application, network, or building. The penetration tester or Ethical Hacker uses the same methods, techniques, and tools as a real attacker. This usually creates a realistic picture of the target's security situation.

How does a penetration test work?

Penetration tests are usually carried out by qualified professionals (see Pentest Provider). Occasionally, teams of multiple IT experts attempt to penetrate the target. The approach is generally the same. A scope is defined together with the client (what can and cannot be attacked). This happens during the so-called kick-off meeting - where other details are also discussed. Technical contacts are defined, communication channels are established, and relevant information is provided to the testers (accounts, documentation). The methodology is also strictly defined.

Subsequently, the test is conducted during the specified test period (days, times).

The deliverable the client usually expects is a PDF report containing all relevant information. It is handed over and discussed virtually or in person. Often, a retest follows, in which the White Hat Hackers verify that the patches and fixes for the vulnerabilities found actually work. An overview of the penetration test process can be found in the linked article.

What types of penetration tests are there?

Generally, there are three types of penetration tests - details for each type can be found in the linked article:

  1. Black Box Penetration Test: Testers have no knowledge about the target
  2. Grey Box Penetration Test: Testers have partial knowledge about the target
  3. White Box Penetration Test: Testers have full knowledge about the target

A special form is the physical penetration test, where the target is a building or premises. Here, the penetration tester tries to gain physical access to the target, which can happen through break-in or through techniques like tailgating. Bypassing security personnel, exploiting weaknesses in building security, or manipulating access controls are typical attack scenarios in this case.

Red Teaming, Social Engineering, and Phishing are also closely related to penetration tests and can be considered special forms of penetration tests. The same applies to campaigns that focus on specific attack scenarios or test certain techniques. Assume Breach would be an example here.

What risks are associated with penetration tests?

With a well-executed and planned penetration test, there are virtually no risks. However, if the penetration tester has to test a live/prod system, outages (Denial of Service) or data loss can occur. But even here, the risk can be reduced to virtually zero if the penetration tester knows what they're doing. From a compliance perspective, problems can also arise if the penetration tester gets access to a lot of personal data. Such things should be discussed in advance.

The safest option, with virtually zero risk, is to conduct the penetration test in an isolated demo/test environment.

Are vulnerability scans also penetration tests?

No. Clever marketing people in companies repeatedly try to sell automated security vulnerability scans as real penetration tests. Terms like "Automated Penetration Test" or "Automated Vulnerability Scan" are typical here. A real penetration test is always conducted by a human.

How frequently should a penetration test be conducted?

For this, please read the following article: "How often must penetration tests be repeated?". Generally speaking: at least annually, better semi-annually or even quarterly. A penetration test should also be conducted after major system changes or for new applications. Offerings like Pentest as a Service are more cost-efficient.

What is the legal situation regarding penetration tests?

This is actually quite clear: if you don't have permission to penetrate a system, then it's illegal. The legal situation may differ in other countries. In Germany, the so-called hacker paragraph (§ 202c StGB) makes it illegal to intrude into third-party systems without permission.

Penetration Test: Costs and Prices

As so often, it depends on many factors. For this, we offer you the following article: "How much does a penetration test cost?". Generally, you should expect costs in the mid four- to five-figure range.

Who is the best pentest provider?

It's obvious: DSecured. No, seriously: There are many good providers. To help you with the selection: "Choose Penetration Test Provider". DSecured has a strong focus on penetration tests against applications and networks - both internal and external.


Damian Strobel
DSecured offers penetration testing for web applications, APIs and networks. Give us a call!