ฝัง
- เผยแพร่เมื่อ 27 มิ.ย. 2024
- Penetration testing attempts to exploit weaknesses or vulnerabilities in systems, networks, human resources, or physical assets in order to stress test the effectiveness of security controls.
The different types of penetration tests include network services, applications, client side, wireless, social engineering, and physical. A penetration test may be performed externally or internally to simulate different attack vectors. Depending on the goals of each test, a penetration tester may or may not have prior knowledge of the environment and systems they’re attempting to breach. This is categorized as black box, white box, and gray box penetration testing.
Video Chapters
------------------------------
00:00 - Introduction
01:08 - What Is Penetration Testing?
02:59 - What Is The Primary Purpose Of Penetration Testing?
04:11 - Reporting On Findings
05:20 - What Are The Different Approaches To Penetration Testing?
05:48 - Black Box Testing
06:44 - White Box Testing
07:56 - Gray Box Testing
09:20 - Network Services
10:34 - Web Applications
13:09 - Client Side
13:50 - Wireless
15:06 - Social Engineering
16:19 - Physical
About The Author
------------------------------
Jason Firch, MBA
purplesec.us/cyber-security-e...
Related Videos
------------------------
► What Is Vulnerability Management?
• What Is Vulnerability ...
► Common Types Of Network Security Vulnerabilities In 2022 • Common Types Of Networ...
► 7 Data Loss Prevention Best Practices
• 7 Data Loss Prevention...
► The 3 Types Of Security Controls
• The 3 Types Of Securit...
► Red Team VS Blue Team: What’s The Difference?
• Red Team VS Blue Team:...
► What Is A Security Operations Center?
• What Is A Security Ope...
► Firewall Penetration Testing: Steps, Methods, & Tools
• Firewall Penetration T...
Resources & Links
------------------------------
A Beginner’s Guide To Understanding Penetration Testing
purplesec.us/resources/penetr...
50 Free Information & Cyber Security Policy Templates
purplesec.us/resources/cyber-...
What Is A Penetration Test?
A penetration test involves a team of security professionals who actively attempt to break into your company’s network by exploiting weaknesses and vulnerabilities in your systems.
Penetration tests may include any of the following methods:
Using social engineering techniques to access systems and related databases. Sending of phishing emails to access critical accounts.
Using unencrypted passwords shared in the network to access sensitive databases.
These attempts can be far more intrusive than a vulnerability scan and may cause a denial of service or increased system utilization, which may reduce productivity, and corrupt the machines.
In some cases, you may schedule penetration tests and inform staff in advance of the exercise. However, this wouldn’t be applicable if you want to test how your internal security team responds to a “live” threat.
For example, red team exercises are often performed without informing staff to test real-world threat scenarios.
In this case, it’s important to inform the blue team lead, CISO, or upper-level management of the exercise. This ensures the response scenario is still tested, but with tighter control when/if the situation is escalated.
Regardless of the scenario you should conduct a penetration test with a specific intent and clearly define your wants and needs with the penetration testing team.
For example, you may just finish rolling out a new security program for your business and want to test its effectiveness.
A penetration test can determine if certain objectives of the program have been achieved such as maintaining 99.99% availability during an attack, or ensuring data loss prevention (DLP) systems are blocking would-be attackers from exfiltrating data.
--------------------------------------
► If you need help securing your business from cyber attacks then feel free to reach out: purplesec.us/consultation/
► Follow us on Twitter: / purple_sec
► Find us on Pinterest: / purple_sec
#pentesting #PurpleSec #cybersecurity - วิทยาศาสตร์และเทคโนโลยี
👋 If you're new here, then consider subscribing to our weekly newsletter featuring the top cybersecurity minds in the industry:
www.linkedin.com/newsletters/ai-cybersecurity-insights-7058517055238504448/
Underrated content, needs more views, subscribers, and likes.
Appreciate the kind words!
- Jason
I don’t need any additional Tutor/Description about PT
Your tutor is more than enough !
Thank you bro !
Happy to hear this was a useful resource!
- Jason
Amazing video! Congrats.
I am currently studying Web Application Pentesting. This video cleared me some doubts.
Thanks
, really complete and great explication of the things!
Thanks for making this
Excellent Video...Thank you for sharing your knowledge.
Happy to hear this was useful for you!
- Jason
enjoyed, liked, subscribed.
sir what is cloud penetration testting