Trustwave SpiderLabs Uncovers Ov3r_Stealer Malware Spread via Phishing and Facebook Advertising. Learn More

Trustwave SpiderLabs Uncovers Ov3r_Stealer Malware Spread via Phishing and Facebook Advertising. Learn More

Services
Capture
Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

twi-managed-portal-color
Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

twi-briefcase-color-svg
Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

tw-laptop-data
Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

twi-database-color-svg
Database Security

Prevent unauthorized access and exceed compliance requirements.

twi-email-color-svg
Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

tw-officer
Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

tw-network
Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

Solutions
BY TOPIC
Microsoft Exchange Server Attacks
Stay protected against emerging threats
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
Awards and Accolades
Trustwave SpiderLabs Team
Trustwave Fusion Security Operations Platform
Trustwave Security Colony
Partners
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats

How to Use Penetration Testing to Improve Your Remote Work Force Security

As the COVID-19 pandemic continues to force organizations all over the world to adopt varying degrees of remote work postures, new cybersecurity risks are being introduced. Can pen testing by used to help security – despite the limitations of lockdowns and other restrictions? To find out, we talked with Mark Whitehead, Global Vice President, Trustwave SpiderLabs Consulting. Find the full interview below.

Q: How has penetration testing changed when the majority of a company's workforce is working remotely?

Mark:  With penetration testing (pen testing) there are a lot of different options. When you think about adversaries who are trying to break into an organization, they don’t care where the data is, they just want to steal it. So, when you think about it from the point of view of someone who’s trying to break into organizations, even though many people are working from home, not that much has really changed.

From a pen testing point of view, I would say that right now there’s a lot more emphasis on applications, whether they are in the cloud or hosted natively. Many different organizations are looking at cloud penetration testing right now, due to the sudden shift to remote work and the consequent reliance on cloud infrastructure.

Organizations are suddenly wondering if their AWS, Azure, Oracle and Google cloud instances are secure – and if it turns out that they aren’t, what could have happened during that time frame. One area that I’m really encouraging organizations to focus on right now is credentials and using multi factor authentication. Authentication is becoming more and more of a boundary, especially with multi sphere security environments spread across the cloud. Employees are using single sign-ons across networks, across cloud environments — if those credentials are compromised you can get caught up in attacks, even if they weren’t initially targeted at you.

Q. Have there been non-pandemic instances where remote pentesting was required?

Mark:  At Trustwave, we’ve built our whole practice largely on remote pentesting. We still look at physical risks – if you have a building, you obviously want to pen test it. But a large portion of an organizations’ pentesting portfolio will generally be based on remote pentesting, pandemic or no pandemic, so some of the things that needs to be done today are really business as usual.

Q. Would pentesting potentially impact an employee’s home network? If so, are there any legal or compliance issues that need to be accounted for?

Mark:  Usually it shouldn’t really be an issue. At Trustwave, organizations will give us network ranges: an IP that their company owns or a cloud instance where their servers are hosted or their applications are, depending on scope.

The one spot you may have an issue, depending on how it’s configured, would be if employees were on a home network using non-work devices. As an example, say your security team was doing an advanced kind of pen test, like simulating a type of really advanced phishing attack, and that compromise were to detonate on an employee’s personal computer, you might run into some complications with compliance issues.

While these would generally be very rare cases, I have had clients ask me to break into their employee’s home wi-fi networks, which of course brings up all kinds of legal issue that are generally best to avoid.

Q. How does pentesting change or adapt to a remote working environment— what are the risks you look and test for?

Mark:  Remote workforces have been around long enough now where there really aren’t too many changes to the way we need to pen test. We base our services on availability and ease-of-use. When you do take a look at some of the new services that are coming online, it seems like many organizations are opening up new cloud platforms. That’s where organizations can be potentially more vulnerable, especially on the cloud communications platforms, like Zoom. These new apps can bring risk – they essentially are opening up a door to your network that you didn’t have previously.

Q. Are there any limitations to pentesting in this scenario?

Mark:  The only limitations are really around travel – can people physically go to sites? During the time of COVID-19, many organizations are in this hybrid mode, where the building is partially staffed. But there’s still IT infrastructure… there’s probably less security in the office. That’s where the limitation really come in, and that’s where risks are probably being introduced.


16387_testing-the-depths-of-your-security-cover
INFOGRAPHIC

Testing the Depths of Your Security

Proactive security testing can help you understand where your risks and vulnerabilities reside, enabling you to better prevent, detect and respond to security incidents and continuously improve your overall security posture. Read our latest Trustwave SpiderLabs infographic for insights on how to follow the best practices in security testing.

 

 

Latest Trustwave Blogs

Phishing: The Grade A Threat to the Education Sector

Phishing is the most common method for an attacker to gain an initial foothold in an educational organization, according to the just released Trustwave SpiderLabs report 2024 Education Threat...

Read More

Unlocking Cyber Resilience: UK’s NCSC Drafts Code of Practice to Elevate Cybersecurity Governance in UK Businesses

In late January, the UK’s National Cyber Security Centre (NCSC) issued the draft of its Code of Practice on Cybersecurity Governance. The document's goal is to raise the profile of cyber issues with...

Read More

Defending Healthcare Databases: Strategies to Safeguard Critical Information

The healthcare sector continues to be a primary target for threat actors, with 2023 seeing a record number of data breaches and compromised records. While successful attacks are inevitable, it’s...

Read More