In short Pen Testing (Also referred to a Penetration Testing and a Pen Test) involves a range of security audits and testing techniques employed solely to evaluate network security: Specifically any vulnerabilities or threats due to unstable and inadequate system configurations, weak system defences and processes: As well as hardware and software failings. All of which could leave your network open to attack from an external and malevolent source: That ‘malevolent source’ invariably being a Cracker: AKA a Black Hat Cracker.

Pen Testing can involve an active exploitation analysis: Or can be as straightforward scan of an organisation’s IP Address to a major security audit of the network system’s source code – It varies and there are many areas of ‘Grey’….

White Box Testing is far less labour intensive than Black Box Testing: Therefore comparatively inexpensive and so accessible for most organisations. During a Black Box Penetration Test the systems security expert will assume the role of a Black Hat Hacker and attempt to enter that system without first acquiring any real knowledge of its infrastructure – Hence, the Black Box Pentest is also known as a ‘Blind’ test. In stark comparison, for a White Box Pentest the systems expert is given much information; which can include source code and even passwords – Hence a White Box Pentest is often referred to as ‘Full Disclosure’ Pen Testing.

White Box Testing effectively replicates an ‘insider’ attack: Or reveals the consequences should certain sensitive information (such as passwords and infrastructure) be leaked to malevolent sources. Both White and Black Penetration Tests have their merits – And there are various levels in-between available (Partial Disclosure Pen Testing) which can be equally beneficial. While a Black Box Pentest is in process network systems can slow down. In a ‘worse case scenario’ damage may even occur – While this is far from usual the risk can never be eliminated: Even so, the fact a system was infiltrated and subsequently damaged by a network security expert and NOT a Black Hat Hacker is comparatively and undoubtedly the more favourable outcome.

Murray IT Support Pen Testing services are accurate and informative. Carried out by experienced IT Security professionals our packages are extremely competitive – However feel free to contact us with any questions you have: Or if you would like to discuss specific requirements. Our network security experts are always ready to work ‘out of the box’……. Contact Us!