What is a pen-test: A pen test - short for penetration test - is a simulated attack on a network to test the strength of its security. Usually, the pen-tester will have a specific objective (e.g., “compromise this piece of data…). A vulnerability scan tells you “what are my weaknesses?”, and the pen test tells you “how bad a specific weakness is.”

Different industries will have different government-mandated requirements that dictate the frequency of penetration testing. One of the more broad-reaching regulations, the PCI DSS, for example, requires testing on an annual basis. However, it is prudent to go beyond the legal minimum. You should also conduct a pen-test every time you have:

• added new network infrastructure or applications

• made significant upgrades

• made modifications to infrastructure or applications

• established new office locations

• applied a security patch (or patches)

• modified end-user policies

In other words, any time you have made a significant update to your software or hardware, it should be considered essential to conduct pen-testing (and update IT documentation).

Learn more about how our company can help your #lehighvalley #business. Contact us at 610-866-2828 or via our contact form.