Vulnerability scanning & automated penetration testing
Posted: Lee @Intrasource
Criminals and organised crime organisations are becoming increasingly focussed on a new commodity…..your data!
Guns and drugs are sold once but data can be sold over and over again. Data is also a lot less dangerous to deal in and a lot easier to steal than drugs and guns.
At the time of writing we are just 6 months away from the GDPR coming in. This adds another dimension the importance of securing your data and protecting from a security breach. In addition to the growing myriad of ways in which your data can be stolen or compromised, the reputational damage to your business and loss of income, there is the vastly increased penalties from the Data Protection Authorities under GDPR.
Currently, 80% of businesses that suffer a data breach go out of business within 2 years. With the new higher penalties this picture could get dramatically worse.
Cybercriminals are developing more and more sophisticated methods of stealing data. The challenge for the cybersecurity industry is how to stay ahead of the game in a constantly changing landscape. Security experts always recommend a multi-layered approach to security and that first layer of protection should be on your perimeter.
You can and should deploy high quality anti-virus and anti-spam products at a local level, and you should have a high-quality firewall sitting in front of those products. You should also be using encryption and online backups and follow our handy 8 top tips for IT security. But it makes little or no sense to do those things and then not test behind your defences regularly.
Businesses need to look at this from a hacker’s perspective. If the hacker was to find a way around your defences, could they find a vulnerability to exploit? Testing behind your defences is just as important as testing the strength of the defences themselves.
We have partnered with AppCheckNG to bring you a world class Web Application and Infrastructure vulnerability scanner which will look for these vulnerabilities….….vulnerabilities a hacker can exploit to cause major damage to your business.
AppCheckNG automates the penetration testing process and has been designed and developed by experienced penetration testers and is offered as an ‘as a service’ subscription model. This gives you the ability to rigorously test for vulnerabilities whenever you want to ensure you are always fully protected.
Penetration testing is traditionally a very expensive procedure providing a ‘moment in time’ report. When done well, it is a very effective method of identifying gaps in your IT defences where your business-critical data is at risk. You can then plug those gaps and feel safe and secure.
However, in IT things are always changing, tweaks are made, updates rolled out, changes are introduced, human error occurs and you are then vulnerable again.
Automating the penetration testing process enables you to test periodically, or after any change is rolled out. Regular and robust vulnerability scanning means that you will get maximum value for money out of all your IT security activities and products. It gives you the opportunity to deploy and configure them correctly to deal with the vulnerabilities identified.
AppCheckNG is also an effective way of assessing the effectiveness of any manual penetration test undertaken. Manual Pen testing is also subject to potential human error but generally this can’t be picked up. Backing the process up with an automated test will verify the validity of the manual pen test.
In short AppCheckNG offers unparalleled detection rates, accuracy and scalability and should be part of any IT security and data protection strategy.
Contact us to find out more about AppCheckNG.
Find more information and IT security news here.