Remotely we stand

In an effort to contain the CoronaVirus and stop its expansion, countries all over the world have closed their borders. Enterprises globally are fast to follow suit by halting employee travels and prohibiting external visitors from entering their offices. However, within these restrictions and with minimal physical contact, business must go on. Fortunately, some services, such as accounting, legal or even HR, can easily be rendered remotely. But when it comes to cybersecurity, that is not always the case. 

Physical access to the local network is often required and is available only from within the organization’s premise. Such is penetration testing!

Can Pentesters Be ‘Contained’?

Senior pen-testers are among the cyber security professionals who travel the most. They are highly sought individuals with a large set of hacking tools and a great many years of practice. Experienced pen-testers are invited to organizations around the world for days or weeks at a time to try their best at cracking cyber defences and networks. Large corporations often prefer the same person to work across different territories in order to reach consistency in testing and reporting among the company’s affiliates.

Security Must Go On

Since the work of security validation can never stop, Coronavirus-days limitations are forcing security professionals to come up with remote alternatives for penetration testing. One that will eliminate the need to bring people into the office and share space and keyboards. Everything that can be done remotely must comply, if it comes with reduced costs and increased efficiencies, even better.

WANTED – Remote Pen-testing Software

In an ideal world a CISO would ask for software of this sort:

  • Does exactly what a pen-tester does
  • Doesn’t require any agents to be installed
  • Works on-premise, but may be activated remotely
  • Prioritizes remediation according to truly breachable vulnerabilities 
  • One that any IT person can operate

It just so happens that a technology invented in 2015, is in its prime in 2020. This algorithm-based technology mimics an ethical hacker with a large set of tools and techniques and can produce a full penetration test remotely, anywhere on earth. 

Yes, but does it “walk the talk”?

This approach is, more often than not, faced with skepticism, which turns into wonder, then buy-in, excitement and eventually, evangelism. The reason for these transitions lies within one’s ability to watch the pentest at work as it occurs, as if it was a James Bond movie screening. Truth be told, when it comes to networks, automated testing wins over manual testing, similar to the way your phone will, most times, beat you at chess. The power of the machine in terms of searching for credential data, automating relay techniques and running 24 hour long tests without tiring, is inconceivable.

A single test run proof-of-value is free for this technology for enterprises. So a test-drive is the recommended thing to do.

Written by: Aviv Cohen
Show all articles by Aviv Cohen
Learn more about automated security validation
Resource center
Get blog updates via email
Trending
Four steps the financial industry can take to cope with their growing attack surface
Four steps the financial industry can take to cope with their growing attack surface

The financial services industry has always been at the forefront of technology adoption, but the 2020 pandemic accelerated the widespread use of mobile banking apps, chat-based customer service, and other digital tools. Adobe’s 2022 FIS Trends Report, for instance, found that more than half of financial services and insurance firms surveyed experienced a notable increase […]

The elephant 🐘 in the cloud
The elephant 🐘 in the cloud

As much as we love the cloud, we fear it as well. We love it because cloud computing services of Amazon, Azure, and Google have transformed operational efficiency and costs, saving us money, time, and alleviating much of the IT burden. We also fear it because as companies moved to the cloud, they found that […]

A new era of tested Cloud Security is here
A new era of tested Cloud Security is here

Cloud computing has fundamentally changed how we operate. It’s efficient and scalable, but it’s not without some problems. Security is the biggest. As we’ve shifted to the cloud, we’ve exposed ourselves to new risks that can’t be ignored. The IBM Cost of a Data Breach 2023 Report points out that 11% of breaches are due […]

Learn more about our platform
Platform