Cyber Defense eMagazine June 2021 Edition
Cyber Defense eMagazine June Edition for 2021 #CDM #CYBERDEFENSEMAG @CyberDefenseMag by @Miliefsky a world-renowned cyber security expert and the Publisher of Cyber Defense Magazine as part of the Cyber Defense Media Group as well as Yan Ross, US Editor-in-Chief, Pieruligi Paganini, Co-founder & International Editor-in-Chief, Stevin Miliefsky, President and many more writers, partners and supporters who make this an awesome publication! Thank you all and to our readers! OSINT ROCKS! #CDM #CDMG #OSINT #CYBERSECURITY #INFOSEC #BEST #PRACTICES #TIPS #TECHNIQUES
Cyber Defense eMagazine June Edition for 2021 #CDM #CYBERDEFENSEMAG @CyberDefenseMag by @Miliefsky a world-renowned cyber security expert and the Publisher of Cyber Defense Magazine as part of the Cyber Defense Media Group as well as Yan Ross, US Editor-in-Chief, Pieruligi Paganini, Co-founder & International Editor-in-Chief, Stevin Miliefsky, President and many more writers, partners and supporters who make this an awesome publication! Thank you all and to our readers! OSINT ROCKS! #CDM #CDMG #OSINT #CYBERSECURITY #INFOSEC #BEST #PRACTICES #TIPS #TECHNIQUES
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
simulating real-life attacks carried out by intruders and spotting vulnerabilities that can be leveraged<br />
outside the network.<br />
2. White-box testing. Contrary to the technique discussed above, the tester has a 360-degree<br />
access to system information such as the source code and the environment and is able to conduct<br />
an all-inclusive security analysis using code analyzers and debuggers to determine both internal and<br />
external exposures.<br />
3. Gray-box testing. Finally, the penetration testing engineer may have limited data about the<br />
business’ software, like design and architecture documentation, and behave on behalf of a<br />
cybercriminal with a long-standing access to the system.<br />
Top 5 penetration testing types<br />
Unfortunately, all security risks are hard to envisage. Still, businesses may keep them to a minimum by<br />
timely applying QA to determine weak points in the system with the help of a realistic, in-depth<br />
analysis that penetration testing provides. Therefore, I suggest delving deeper into its types below.<br />
1. Network services<br />
Carried out both locally and remotely, it detects security flaws in the organization’s<br />
network infrastructure by covering high-priority aspects such as servers or workstations. In the scope of<br />
assuring quality, the engineers make sure that a company would manage to withstand a<br />
number of widespread attacks including SSH, DNS, database, proxy server hacks, and more. Since the<br />
network is an essential part of any organization and is responsible for business continuity, it’s wise to<br />
perform external and internal penetration tests.<br />
2. Web application<br />
This time- and effort-consuming penetration test helps define vulnerabilities in web<br />
applications, browsers, and multiple components like APIs by identifying every part of<br />
the apps leveraged by users. Performed professionally, it traces the most pervasive application weak<br />
points ― from bad session management to issues in code.<br />
3. Social engineering<br />
Generally, the core objective of cybercriminals is to deceive users by making them intentionally provide<br />
the desired sensitive data like credentials. Amid the COVID-19 outbreak, this verification plays first fiddle<br />
due to the boost in phishing schemes. To define security bottlenecks, the engineers utilize social<br />
engineering attacks such as phishing, scareware, tailgating, and others.<br />
4. Wireless<br />
In this case, the QA team seeks any kinds of weak points that can be used within the extensive chain of<br />
all the devices ― from laptops to smartphones ― connected to the corporate Wi-Fi. Accordingly, QA<br />
teams frequently run these tests onsite to be within the range of the signal. Wireless penetration<br />
testing means a great deal since without regular quality assurance, the intruders obtain unauthorized<br />
access to the organization’s network by applying diverse Wi-Fi hacking tools.<br />
5. Physical<br />
These kinds of tests often lack the appropriate focus, which is a big mistake. By making use<br />
of divergent security loopholes, the attackers can sneak into a server room and take control of a<br />
network. To prevent such a case, it’s vital to spot vulnerabilities in sensors and locks in advance.<br />
<strong>Cyber</strong> <strong>Defense</strong> <strong>eMagazine</strong> – <strong>June</strong> <strong>2021</strong> <strong>Edition</strong> 66<br />
Copyright © <strong>2021</strong>, <strong>Cyber</strong> <strong>Defense</strong> Magazine. All rights reserved worldwide.