Penetration Testing (Pentesting)
- Also known as "Ethical hacking"
- Simulated cyber attack to identify exploitable vulnerabilities in a computer system
- Assesses systems for potential weaknesses that attackers could exploit
- Various types include
  - Physical
  - Offensive
  - Defensive
  - Integrated
Physical Penetration Testing
- Evaluates an organization's physical security measures
- Examples
- Identifies vulnerabilities and recommends improvements for enhanced physical security
- Benefits
  - Identifying security vulnerabilities
    - Helps to identify weaknesses in physical security measures such as locks, access cards, and security cameras.
  - Improved security awareness
    - Focuses on raising awareness about the importance of physical security among employees.
    - Encourages best practices
  - Preventing unauthorized access
    - Identifies and fixes vulnerabilities in your physical security posture
- Example:
  - A physical pentester might try to bypass a company's security by tailgating behind an employee as they enter through a security door or access control vestibule
  - Or try to clone an authorized user's access card and use it to enter the building.
Offensive Penetration Testing
- Known as “red teaming”
- Proactive approach that involves use of attack techniques, akin to real cyber threats, that seek and exploit system vulnerabilities
- Actively seeks vulnerabilities and attempts to exploit them, like a real cyber attack
- Helps uncover and report vulnerabilities to improve security
- Example:
  - A Red Teamer tries to gain unauthorized access to a computer network by exploiting a known vulnerability in a piece of software.
  - The tester will then report this vulnerability to the company so that they can fix it before a real attacker could exploit the same vulnerability.
- Can simulate real-world attacks and gain support for cybersecurity investments
  - So that organizations learn to recognize and defend against such threats
Defensive Penetration Testing
- Known as “blue teaming”
- A reactive approach focused on strengthening systems, detecting and responding to attacks
- Entails fortifying systems, identifying and addressing attacks, and enhancing incident response times
- Monitors for unusual activity and improves incident response times
- Helps strengthen systems
- Enhances detection capabilities and helps improve incident response
- Example:
  - A Blue Teamer might monitor a network for signs of unusual activity that could indicate an attack.
  - If an attack is detected, the tester would then work to mitigate the damage and strengthen the system to prevent future attacks.
- By conducting defensive penetration testing in your organization, your staff will learn how to better conduct an incident response, strengthen their systems, and enhance their detection capabilities
Integrated Penetration Testing
- Known as “purple teaming”
- Combines elements of offensive and defensive testing
- Red team conducts offensive attacks, while the blue team detects and responds
- Encourages collaboration and learning between the red and blue teams
- Benefits
  - Comprehensive security assessment
  - Promotes collaboration within cybersecurity teams
  - Conducts simulated attacks and responses to improve skills
- Example:
  - The Red Team might launch a simulated attack on the organization's system while the blue team tries to detect and respond to that attack.
  - If the blue team identifies the attack, the red team is informed so they can try a more advanced type of attack to avoid detection.
  - If the blue team does not identify the attack that the red team conducted, then the red team will walk the blue team through the attack process and how they can best configure their network sensors to detect this kind of attack in the future
- Provide comprehensive security solutions