On November 20, NetSPI Managing Director, Nabil Hannan, was featured in the Datamation article called 5 Top Penetration Testing Trends in 2022. Read the preview below or view it online.
Penetration testing is based on the premise that one of the best ways to safeguard the enterprise is to pretend to be a hacker and find the number of ways you can break into a business.
The FBI uses this strategy. It often recruits criminals such as forgers and thieves who proved especially effective at crime and in thwarting the efforts of law enforcement. These former criminals become consultants who are highly skilled at spotting scams. Frank Abagnale is one of the most famous, the subject of the movie, “Catch Me If You Can”.
Penetration testing is a formalization of this approach. A series of tools have been developed that are designed to automatically probe the network and systems for different weaknesses.
1. Understand The External Attack Surface
Nabil Hannan, managing director, NetSPI, has noted a greater focus on testing and understanding the external attack surface of organizations.
Over the last two years, with the shift to working from home, businesses had to make drastic and rapid transformations in the way they operate. As a result, not only did the threat model of their business change, but the external facing attack surface of their organization evolved.
Enterprises now have assets that are exposed to the internet and are regularly changing — and these changes are occurring more rapidly with cloud-hosted systems. That’s one of the drivers behind attack surface management solutions, such as NetSPI’s ASM. They are being leveraged by organizations to continuously monitor attack surfaces and proactively identify any areas of risk in a timely manner.
“Creating and managing an accurate inventory of internet-facing assets and being able to identify potential exposures and vulnerabilities have become key focuses for many organizations,” Hannan said.
You can read the full article at Datamation!