Why Consider Penetration or Vulnerability Tests?

Penetration tests, or “pen tests”, are controlled cyberattacks that illustrate how secure a network or system is. They are performed to both illustrate the vulnerabilities in a current system, as well as pave the way for solutions and risk mitigation.

The first phases of a pen test are commonly referred to as vulnerability assessments or vulnerability tests; they focus on identifying weaknesses without exploiting them, and they are often performed as their own service as well. A vulnerability test should not be confused with a vulnerability scan, which is an automated process, and less sophisticated.

Though only some companies are required to have annual pen tests in compliance with industrial regulations, pen testing should be one of the first services considered for any company who wants to improve their cybersecurity. They are excellent tools in making a business aware of what’s at stake in the event of a cyberattack. If you and your business are concerned with how secure your networks are, these tests will help to inform you about existing vunerabilities.

Internal vs External Tests

External pen tests are generally performed first, and help a company understand what a cybercriminal can achieve with no prior access to the network. They generally focus on breaching vulnerabilities discovered on external assets – this includes email, websites, and online file shares.

An internal pen tests is sometimes performed after an external pen test is completed and seeks to examine what damage a hacker can inflict if they were to have access to the network. Often this involves exploring insider threats, such actions that can be performed by employees, either intentionally or unintentionally. Generally, these inside attacks are more harmful to organizations, since it’s assumed that the attacker already knows their way around the network.

Corporate vs Home Networks

In the past, testing was usually performed only on corporate networks, but with the rise in remote work, it has become increasingly important to understand the vulnerabilities brought by employees' home networks. For this reason, it is recommended to perform external vulnerability tests for employee networks in order to provide visibility in the new threat landscape of remote teams and mitigate these threats as much as possible.

Interested in learning more about penetration testing?

Check out our blog entitled "Penetration Testing and Remote Work: What You Need to Know"

How We Can Help

Our team of security consultants will work with you to understand which tests are most appropriate for your organization, and then our team of penetration testers will perform them accordingly. We offer both internal and external penetration and vulnerability tests for corporate networks and employee home networks.

Penetration and vulnerability tests serve as only part of a broader cybersecurity strategy. When you engage with Intellectmap, you are not simply getting a service, you are getting a team of trusted advisors for your company’s cybersecurity. With Guardian Angel, our cybersecurity tools and services, you can rest assured that every weak link in your company’s cybersecurity posture is addressed.