Year after year, cyber-attacks are the fastest-growing threat in terms of mitigation cost, and annual cyber security budgets keep rising in response. Yet companies still don't know whether they are sufficiently protected: attackers continue to find vulnerabilities and break into networks despite sophisticated firewalls and anti-virus systems.
Penetration testing (PT) is the only proven method for accurately testing an organization's security perimeter. To be effective, however, PT needs to be performed around the clock and across every location. Done manually, this is very costly and places a heavy load on company networks.
Today, every information security professional knows that penetration testing is an essential part of hardening an organization.
Why is Everything Different?
In the past, most organizations had a traditional computing structure of servers, workstations and switches, with a clear border between the LAN and the WAN.
Today, things have changed completely. For example:
- Number of servers – the number of servers used to be roughly 15% of the number of workstations. The virtualization revolution changed that: a Windows Server Datacenter license allows an unlimited number of virtual servers on a licensed host for the same price, so organizations create more and more virtual machines, and each one adds attack surface. Any virtual server can be given its own network configuration, and the moment it is powered on it can open a critical scenario: the VM may carry an exploitable vulnerability (one that allows information theft, for example), the organization's update policy may not yet apply to it, and it may have several network interfaces. The result is an unpatched server exposed to attack on multiple network segments.
- WAN infrastructure – today, MPLS flattens the infrastructure so that employees in globally dispersed branches can easily reach every resource. The problem is that it is impossible to protect every branch to the same standard. One branch may be well hardened while an employee in another branch installs equipment or software that lets an attacker compromise that branch, and the flat WAN then gives the attacker a path from there to your branch.
- Mobile devices – the BYOD attitude means employees bring their mobile phones to work and connect them to the LAN over WiFi, exposing the organization to a range of attacks through devices it does not control.
To conclude, computing environments have become far more complex and dynamic than they used to be, and they are therefore open to more sophisticated cyber-attacks. The only way to evaluate an organization's resilience to these attacks is ongoing penetration testing.