Trustwave and Cybereason Merge to Form Global MDR Powerhouse for Unparalleled Cybersecurity Value. Learn More

Trustwave and Cybereason Merge to Form Global MDR Powerhouse for Unparalleled Cybersecurity Value. Learn More

Services
Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

Database Security

Prevent unauthorized access and exceed compliance requirements.

Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

Solutions
BY TOPIC
Microsoft Security
Unlock the full power of Microsoft Security
Offensive Security
Solutions to maximize your security ROI
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
Awards and Accolades
Trustwave SpiderLabs Team
Trustwave Fusion Security Operations Platform
Trustwave Security Colony
Partners
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats

How to Use Penetration Testing to Improve Your Remote Work Force Security

As the COVID-19 pandemic continues to force organizations all over the world to adopt varying degrees of remote work postures, new cybersecurity risks are being introduced. Can pen testing by used to help security – despite the limitations of lockdowns and other restrictions? To find out, we talked with Mark Whitehead, Global Vice President, Trustwave SpiderLabs Consulting. Find the full interview below.

Q: How has penetration testing changed when the majority of a company's workforce is working remotely?

Mark:  With penetration testing (pen testing) there are a lot of different options. When you think about adversaries who are trying to break into an organization, they don’t care where the data is, they just want to steal it. So, when you think about it from the point of view of someone who’s trying to break into organizations, even though many people are working from home, not that much has really changed.

From a pen testing point of view, I would say that right now there’s a lot more emphasis on applications, whether they are in the cloud or hosted natively. Many different organizations are looking at cloud penetration testing right now, due to the sudden shift to remote work and the consequent reliance on cloud infrastructure.

Organizations are suddenly wondering if their AWS, Azure, Oracle and Google cloud instances are secure – and if it turns out that they aren’t, what could have happened during that time frame. One area that I’m really encouraging organizations to focus on right now is credentials and using multi factor authentication. Authentication is becoming more and more of a boundary, especially with multi sphere security environments spread across the cloud. Employees are using single sign-ons across networks, across cloud environments — if those credentials are compromised you can get caught up in attacks, even if they weren’t initially targeted at you.

Q. Have there been non-pandemic instances where remote pentesting was required?

Mark:  At Trustwave, we’ve built our whole practice largely on remote pentesting. We still look at physical risks – if you have a building, you obviously want to pen test it. But a large portion of an organizations’ pentesting portfolio will generally be based on remote pentesting, pandemic or no pandemic, so some of the things that needs to be done today are really business as usual.

Q. Would pentesting potentially impact an employee’s home network? If so, are there any legal or compliance issues that need to be accounted for?

Mark:  Usually it shouldn’t really be an issue. At Trustwave, organizations will give us network ranges: an IP that their company owns or a cloud instance where their servers are hosted or their applications are, depending on scope.

The one spot you may have an issue, depending on how it’s configured, would be if employees were on a home network using non-work devices. As an example, say your security team was doing an advanced kind of pen test, like simulating a type of really advanced phishing attack, and that compromise were to detonate on an employee’s personal computer, you might run into some complications with compliance issues.

While these would generally be very rare cases, I have had clients ask me to break into their employee’s home wi-fi networks, which of course brings up all kinds of legal issue that are generally best to avoid.

Q. How does pentesting change or adapt to a remote working environment— what are the risks you look and test for?

Mark:  Remote workforces have been around long enough now where there really aren’t too many changes to the way we need to pen test. We base our services on availability and ease-of-use. When you do take a look at some of the new services that are coming online, it seems like many organizations are opening up new cloud platforms. That’s where organizations can be potentially more vulnerable, especially on the cloud communications platforms, like Zoom. These new apps can bring risk – they essentially are opening up a door to your network that you didn’t have previously.

Q. Are there any limitations to pentesting in this scenario?

Mark:  The only limitations are really around travel – can people physically go to sites? During the time of COVID-19, many organizations are in this hybrid mode, where the building is partially staffed. But there’s still IT infrastructure… there’s probably less security in the office. That’s where the limitation really come in, and that’s where risks are probably being introduced.


16387_testing-the-depths-of-your-security-cover
INFOGRAPHIC

Testing the Depths of Your Security

Proactive security testing can help you understand where your risks and vulnerabilities reside, enabling you to better prevent, detect and respond to security incidents and continuously improve your overall security posture. Read our latest Trustwave SpiderLabs infographic for insights on how to follow the best practices in security testing.

 

 

ABOUT TRUSTWAVE

Trustwave is a globally recognized cybersecurity leader that reduces cyber risk and fortifies organizations against disruptive and damaging cyber threats. Our comprehensive offensive and defensive cybersecurity portfolio detects what others cannot, responds with greater speed and effectiveness, optimizes client investment, and improves security resilience. Learn more about us.

Latest Intelligence

Discover how our specialists can tailor a security program to fit the needs of
your organization.

Request a Demo