It was not too long ago that security professionals needed a way to redefine security checking methods in the corporate world. It's very difficult to compete with the whole black hat army with bare hands. Under “survival of the fittest”, security in this new world evolved into penetration testing.
The first question that flashes in our mind is: what on Earth is this penetration testing?
It is basically a process of attacking a system. Let's take an example:
I am the security officer of XYZ Inc. I am concerned about the security of the company’s network, but I am not able to find any loophole or hot spot that has the potential to crash the network and cause a loss of a million bucks to the company.
Now, what I will do is hire a penetration testing team and instruct them to penetrate or, in general terms, hack into the company's network. They will apply all possible attacks and all possible technologies to hack into the system. Let's assume that they hacked into the system through an SQL injection attack. So now I know that the company’s system is vulnerable to this attack, and I will take the appropriate steps to prevent it.
Maybe this is weird, but to protect ourselves from cyber attackers we have to be one of them. This is the only way we can think the way they do and find out their strategy.
I have been on it for the last 2 weeks; very soon I will post about the certification papers for penetration testing. It's still in the process of metamorphosis.
I am also considering books on this subject. Let's see how far I can go.