Legal Hacking: Penetration Testing

by Nataliia Vasylyna | August 29, 2016 9:03 am

In the world of digital technologies hacking takes one of the medal places in the category “worst developer’s nightmare”. That’s why software testing company provides such service as penetration testing, when specialists investigate the product in order to find “week points” there.

Penetration testing specialists (or so called pen testers) act like real hackers by breaking into website to access the secured data they shouldn’t be able to obtain. By this it differs from ordinary security testing[1], though methods legal hackers use are very much the same.

What Methods Are Used for Penetration Testing?

• Automated testing
• Manual testing
• White box testing
• Black box testing

Automated testing really helps to save pen tester’s time, as vulnerabilities are fortunately pretty standard and common. Some mistakes can be missed by machine; besides, sometimes a crack can be found only by the variety of actions, that’s why manual testing[2] is also used. For the same reason white box and black box testing[3] are used together. These two methods complete each other and make testing more effective.

Even one soft point in the product may cause colossal headache and money loss. It is particularly topical when dealing with financial and user data.

Where Can Soft Points Hide?

• Software
• Network
• Hardware
• Process

Particularly everywhere, isn’t it? It one more time proves that penetration testing is the guarantee of security and safety of the product.

Related Posts:

• How to Select a Penetration Testing Service Provider?[4]
• 7 Types of Security Testing[5]
• New job title: The Ethical Hacker on Artificial Intelligence[6]

Source URL: https://blog.qatestlab.com/2016/08/29/legal-hacking-testing/

---