What Exactly is “Pen Testing”?

by | Apr 2, 2020 | Ridge Security

Welcome to Ridge Security, and thank you for checking out the blog section of our website.

Today, we’re going to discuss the idea of a “Pen Test.” Many people ask, “What is pen testing?” “Why do pen testing?” We will broach and summarize the concept for you.

A “pen test,” in short, is an authorized attack on an entity’s cybersecurity network. The keywords are “authorized attack” and “cybersecurity network.” Traditionally, an “attack,” in cybersecurity terms, is more commonly known as a hack, which is firmly attached to a negative connotation. Because it is an “authorized attack,” it is pre-approved and meant for testing the security of a cybersecurity system.

Here’s an example explaining why we must test the effectiveness of a system.

Imagine you have a daughter who loves to sneak out at night. House rules are that she cannot leave the house without adult supervision. But, when you and your spouse are fast asleep at night, who’ll monitor her? Enter…drumroll please…the security camera! Of course that won’t stop her. If that were the case, we could use a cardboard cutout of a security camera. If your child is successfully bamboozled by this device, let’s just say, you are one lucky parent!

Back to the topic at hand, installing security cameras isn’t enough. Essential questions to be answered include: how will stored footage be accessed? At what angles will the security camera cover all blind spots? Is the security camera actually recording movement?

In order to answer these questions, you and your spouse could run simulations where you try to mimic various escape methods your daughter would likely utilize. Upon discovery, necessary precautions and adjustments are made to ensure your she doesn’t run off on her own in the evening! The act of running the simulations is equivalent to an “authorized attack” on your security system. The child sneaking out is equal to an “unauthorized attack.” Similarly, the effectiveness of a cybersecurity system should also be tested. A cybersecurity system is additionally complicated because a variety of means is utilized during an attempted break-in.

We hope our representation will help explain the idea of pen tests.

To recap, a pen test will test for a variety of vulnerabilities. Later, we’ll discuss the “automated” pen test—RidgeBOT‘s specialty—because it will complete the same requirements with an added bump in efficiency. You don’t need to be a security expert to understand the importance of security and successfully implement security. That’s why we have RidgeBOT.

For more information, check back for future articles.