Unit 4: Exploits and Exploiting 4.1 Exploits and Exploiting Vulnerability, Exploit, Payload

>> Penetration testing, or simply pen testing,
is very similar to a cyber attack by a black hat hacker.
First, you find systems.
Then you find programs or services on those systems.
Then you find vulnerabilities in those programs or services on those systems.
Then you find ways that those vulnerabilities can be exploited.
Then you exploit those vulnerabilities.
Now that you've compromised systems, you can use them to pivot to other systems
on the same network as well as systems on different networks.
Black hat hackers, in the event that they're caught, go to jail.
White hat hackers, who do the exact things that black hat hackers do, get paid,
have a thrilling career, and are held in high regard in the cyber security community.
White hat hackers, also known as pen testers, penetration testers,
and ethical hackers are hired by companies to find and exploit vulnerabilities
so the vulnerabilities can be identified and fixed before the black hatters discover them.
A vulnerability is a weakness, a gap, a hole in an operating system, software,
or hardware that provides a way into a system or network for the attackers.
Weak passwords, susceptibility to buffer overflows,
susceptibility to SQL injection attacks are all examples of vulnerabilities.
How do these vulnerabilities come to light?
Who discovers them?
From the black hat camp, malicious evil hackers.
From the white hat camp, security researchers.
Both sides spend day in and day out poking
and prodding operating systems, software, and hardware.
Some vulnerabilities are labeled as zero day vulnerabilities.
These are vulnerabilities that are discovered
but not publicly announced before being exploited.
Therefore, the companies and individuals
that would normally patch the vulnerabilities now have zero days to fix the problems
or suggest mitigation techniques.
Once a vulnerability is disclosed, the risk or probability of it being exploited diminishes.
Zero day vulnerabilities, of course, have no patches
or fixes because no one knows about them.
In the last few days of 2016, the FDA, Food and Drug Administration, in the United States
of America provided a framework to assess cyber security risk
across the life cycle of medical products.
In addition, the FDA gave suggestions on how
to address an identified cyber security risk anywhere healthcare and IT collide
without scaring patients and providers or tipping off black hatters or white hatters
to exploit a known vulnerability.
The most important guideline in the FDA framework gave permission
to device manufacturers to fix security issues without having to submit the devices
to a lengthy recertification process.
Before this, lots of manufacturers were reluctant to make changes by applying patches,
which would trigger the need for recertification.
However, look no further than the WannaCry ransomware outbreak from May 2017 to realize
that even after a vulnerability is identified, announced, and even patched,
companies and individuals at home, in a lot of cases, do nothing.

Reposted from: https://www.cnblogs.com/sec875/articles/10028477.html
