Penetration Testing Execution Standard (PTES) (Part 1 of 2)

By Ashwin Venugopal -

 







Introduction

Nowadays, cyberattack on various organizations, enterprises, or government sectors via hacktivists, criminals, national enemies, etc. have become a common practice. They always look for a loophole to penetrate a computer network's defense system of their victims. Hence, there are many effective ways to defend against cyber attacks. Some of them are- training the employees, keeping the system and software up-to-date, multiple backup solutions, monitoring network traffic, etc. However, one of the major defense mechanism is PTES (Penetration Testing Execution Standard). 

What is PTES?

PTES is basically a comprehensive guide that outlies a standard methodology for conducting penetration tests. The method was developed by a team of information security practitioners to cater to the need of a complete and updated standard for penetration testing. 

Penetration testing is a process in which organizations can test their own network security by simulating the real-world cyberattacks. This process helps in locating and fixing any vulnerabilities before their exploitation by a threat actor. PTES always strives to raise the standard for penetration testing quality and offer high-caliber advice and help guide to the penetration tester. 

Process of PTES

PTES segregates the testing process in seven sections:
  • Pre-engagement Interactions- This is the preparation phase. Everything is decided by the client and the penetration testing body before starting the actual process. Things like scope, information supplied to the body, and rules of engagement are discussed beforehand. Also, the goals of the penetration test are made crystal clear to everyone.

  • Intelligence Gathering- In this stage, information about the target system are gathered from all publicly accessible data sources like social media websites, official records, etc. This procedure is also called OSINT (Open Source Intelligence). It is all about gathering any piece of information that might be helpful at a later stage of the testing procedure.

  • Threat Modelling- Here, the penetration tester try to identify assets that can be most likely targeted as well as the resources (human or non-human) that can be employed to target those assets. It helps in defining counter-measures to prevent or mitigate the system threats. it can be skipped in typical pan tests.

  • Vulnerability Analysis- This stage discovers and validates vulnerabilities. This risk can allow an attacker to exploit and gain authorized access to the system or application.

  • Exploitation- This stage is the most important part of a penetration test. The tester will try to reach the security of a target system with the help of previously identified and validated vulnerabilities. The tester will get the most out of the attack's results and insights by adhering to the rules of stealth, speed, and depth of penetration testing. 

  • Post Exploitation- This one maintains the control over target system and collect data. The findings in the post exploitation stage may result in change of scope and other possible problems if exploitations reveal deeper and more complicated flaws that the client did not foresee.

  • Reporting- Finally, a report will be compiled with all the information from every stage. It will contain all the documentations of the operations happened from planning and attacking to post exploitation, key findings of the security, and risk as well as correction. The report indicates the end of the penetration test

Conclusion

This part talks about PTES, its definition, and seven stages of its process in detail.






































Comments

Post a Comment

Popular posts from this blog

Query, Visualize, & Monitor Data in Azure Sentinel

By Ashwin Venugopal -
Image
  Azure Sentinel Workbooks Several ready for use templates are provided by the Azure Sentinel that can be used to create your own workbook and then modify them as needed for Contoso. Most of the data connectors it uses to ingest data come with their own workbooks, but better insight can be obtained by simply looking into the data that is being ingested by using tables and visualizations, including bar and pie charts. You can also make your own workbook easily by using this data from the beginning instead of using the predefined templates. Workbook Page You can easily access the workbook page from the Azure Sentinel from the navigation pane which consists of the: Workbook header- You can add a new workbook and review the saved workbooks as well as templates that are available on the workbook page. Templates section- You can access existing workbook templates on the Templates tab. You can save some of the workbooks for quick access and they will appear on the My Workbooks tab.  From the
Read more

Planning for Implementing SAP Solutions on Azure (Part 2 of 5)

By Ashwin Venugopal -
Image
  To read part 1 please click  here To read part 3 please click  here To read part 4 please click  here To read part 5 please click  here Load Balancing The load balancer uses probe ports to determine as well as route the traffic to an active DBMS node, but of there's any failover then the most common SAP application architecture can automatically reconnect against the private virtual IP address without the need for the SAP application to reconfigure it, while the load balancer redirect the traffic against the private virtual IP address without any need for the SAP application to reconfigure. The loaf balancer also offers an option of DirectServerReturn which if configured, can help in directing the traffic from the DBMS VM to the SAP application layer directly to the application layer without routing through the load balancer. But, if it isn't configured, then the return traffic to the SAP application layer is routed through the load balancer. You can also use Azure Load Balan
Read more

Work with String Data Using KQL Statements

By Ashwin Venugopal -
Image
  Extract Data from Unstructured String Fields Unstructured string fields often contains the Security log data and requires parsing to extract data. There are multiple ways of pulling information from string fields in KQL and the two primary operators used are extract and parse.  Extract It gets a match for a regular expression from a text string. You can convert the extracted substring to the indicated type.  Arguments regex- A regular expression. captureGroup- A positive int constant indicating the capture group to extract. 0 stands for the entire match, 1 for the value matched by the first '('parenthesis')' in the regular expression, 2 or more for subsequent parenthesis.  text- A string to search. typeLiteral- An optional type literal. If provided, the extracted substring is converted to this type.  Returns If regex finds a match in text- the substring matched against the indicated capture group captureGroup, optionally converted to typeLiteral. If there's no mat
Read more