Penetration testing, or pen testing, has become a common practice for helping organizations take a proactive approach to protect against cyber threats. Per a 2015 survey, 92% of organizations with a cybersecurity program in place conducted pen testing. My guess is that number may only have increased over the past three years due to increased business compliance requirements and publicly revealed compromises exposed in the media.
However, we can’t expect the way we approached pen testing in 2015 to provide the same level of protection today. As the attack techniques cybercriminals use have evolved, the methods of pen testing organizations have as well. Today, there are a variety of penetration testing methods organizations can use to identify and resolve potential weaknesses in their cybersecurity programs.
One method that is becoming increasingly important for businesses in every industry is internal network pen testing.