>> Penetration testing, or simply pen testing, is very similar to a cyber attack by a black hat hacker. First, you find systems. Then you find programs or services on those systems. Then you find vulnerabilities in those programs or services on those systems. Then you find ways that those vulnerabilities can be exploited. Then you exploit those vulnerabilities. Now that you've compromised systems, you can use them to pivot to other systems on the same network as well as systems on different networks.

Black hat hackers, in the event that they're caught, go to jail. White hat hackers, who do the exact things that black hat hackers do, get paid, have a thrilling career, and are held in high regard in the cyber security community. White hat hackers, also known as pen testers, penetration testers, and ethical hackers, are hired by companies to find and exploit vulnerabilities so the vulnerabilities can be identified and fixed before the black hatters discover them.

A vulnerability is a weakness, a gap, a hole in an operating system, software, or hardware that provides a way into a system or network for the attackers. Weak passwords, susceptibility to buffer overflows, susceptibility to SQL injection attacks are all examples of vulnerabilities. How do these vulnerabilities come to light? Who discovers them? From the black hat camp, malicious evil hackers. From the white hat camp, security researchers. Both sides spend day in and day out poking and prodding operating systems, software, and hardware.

Some vulnerabilities are labeled as zero day vulnerabilities. These are vulnerabilities that are discovered but not publicly announced before being exploited. Therefore, the companies and individuals that would normally patch the vulnerabilities now have zero days to fix the problems or suggest mitigation techniques. Once a vulnerability is disclosed, the risk or probability of it being exploited diminishes. Zero day vulnerabilities, of course, have no patches or fixes because no one knows about them.

In the last few days of 2016, the FDA, Food and Drug Administration, in the United States of America provided a framework to assess cyber security risk across the life cycle of medical products. In addition, the FDA gave suggestions on how to address an identified cyber security risk anywhere healthcare and IT collide without scaring patients and providers or tipping off black hatters or white hatters to exploit a known vulnerability. The most important guideline in the FDA framework gave permission to device manufacturers to fix security issues without having to submit the devices to a lengthy recertification process. Before this, lots of manufacturers were reluctant to make changes by applying patches, which would trigger the need for recertification. However, look no further than the WannaCry ransomware outbreak from May 2017 to realize that even after a vulnerability is identified, announced, and even patched, companies and individuals at home, in a lot of cases, do nothing.
Reposted from: https://www.cnblogs.com/sec875/articles/10028477.html