Intelligence Led Penetration Testing

Traditional penetration testing has been conducted on organisations for years now. The objective of the assessment is very simple where by the organisation would have a scope for the testers to conduct a security assessment on and discover vulnerabilities. Later, the tester would give information about the vulnerabilities and ways to remediate them to the organisation for further action. The only disadvantage of this approach is that the scope is often determined by the organisation itself before they procure the service from the cyber security companies. Thus being said, the tester should only test the mentioned scope and not go out of scope as it would be called “scope creep”. There are two possibilities using this traditional approach where by: 1) the tester might identify the vulnerabilities in the scope mentioned, but they do not exploit them to identify their impact on the organisation as a whole, or 2) the exploit was performed once the tester identified the vulnerability, but they do not evaluate the business impact on the organisation as a whole.

However, Intelligence Led Penetration Testing Assessment can fill this gap as it will be tested according to certain questions, such as what, when, why, and how the threats will be exploited by the attacker if they supposedly want to attack the organization. As the name suggests, this approach to penetration testing would highly rely on the reconnaissance portion / the intelligence gathering, which are also known as the digital footprints. Most of the organisations nowadays have digital footprints on the Internet. This, knowingly or unknowingly, can be gathered by the attackers and curated to attack the organization. The advantage of intelligence led penetration testing is that the tester would collect as much information possible on the organisation based mainly but not only on their digital footprints and try to evaluate the risk attached to the information gathered. From there, the tester would craft and simulate possible attacks that an attacker could launch using that piece of information. At the end of the day, the tester would present the intelligence collected and its possible attacks to the organisation so they would know about the threats and plan their defense moving forward.

The approach includes the following five (5) stages: