Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable Blog

Subscribe

What's in Your Cybersecurity Arsenal? Penetration Testing and Other Top Tactics

Take a look at key tools for your cybersecurity arsenal, including penetration testing, threat modeling and more.

Determining your organizational approach to cybersecurity — which tools you use, how you allocate personnel and financial resources to the task, where you harden your IT infrastructure the most — is not the easiest task when you're new to it. Truth be told, it's not necessarily easy when you've done it half a dozen times, either. 

As such, you'll need to review your options. These run the gamut from fairly well-known quantities like penetration testing and vulnerability assessments to newer practices like threat modeling and bug bounties. Regardless of which route you take, it will still be well worth your while to understand the available paths to a more secure network.

Before we begin, it’s important to explore the relationship between vulnerability assessment and penetration testing. While they are best used in tandem, they are often mistaken for one another. Vulnerability assessment is the process by which an organization enumerates all of the potential areas of weakness on their systems. During penetration testing, they are confirming the potential risks, putting the hypothetical weaknesses to the test to confirm whether and how they could lead to a successful cyberattack. 

Penetration testing: A valuable yet underutilized tool

The key point of penetration testing (sometimes shortened to "pen testing") is to actively identify dents in your network's armor.1 Specifically, you do so by looking for them — and, when found, attack them the way an attacker would.

Some penetration testing tools are software-based, using automated scanners to find problems wherever they may be: in specific applications, within the network's firewall, embedded within your operational technology and so on. In other cases, the test will actively simulate an attack. This can mean putting excessive pressure on the network and specific operations within it (like a very mild version of a dedicated-denial-of-service attack).

No matter how they're executed, penetration tests should always be conducted with precise goals in mind. For example, you could deploy a series of tests in conjunction with reporting from a vulnerability assessment tool like Nessus. If the assessment identified issues with network security and your organization took measures to rectify them, pen testing would help assess if the remediation was effective.

Each of the tools we'll be discussing here will be most effective if you have an underlying and ongoing vulnerability assessment program in place.

Penetration testing and other top tactics for your cybersecurity arsenal

Cybersecurity audits: For the sake of standards

All organizations are beholden to regulations created by government departments and leading industry organizations - some more so than others. The effectiveness of cybersecurity measures is, at times, part of such criteria. Cybersecurity audits are, in fact, centered primarily around compliance. They do involve examination of the protections a given organization has in place for certain aspects of its IT infrastructure, and Nessus Professional is one such tool that can assist with compliance auditing. However, audits can often be myopic, and thus should not ever be the sole cybersecurity framework that a company uses.

Consider PCI DSS compliance for a perfect example of a cybersecurity audit's characteristics and shortcomings. Some of its requirements are extremely important, like encrypting and maintaining a firewall configuration for clients' credit card data, using (and regularly updating) antivirus software and consistently testing security systems.2 But there are organizations for whom PCI doesn't apply, and moreover, plenty of entry points for cyberattackers that don't involve financial data. The same goes for similarly sector-specific standards like HIPAA's cybersecurity requirements.

Audits centered around more comprehensive standards, like ISO 27001 or 27701, will be more efficacious. The 2019 update3 to 27701, in particular, involves particularly robust data protections, likely to keep up with the GDPR regulations that are often cited for their meticulousness. But the fact remains that if you orient your cybersecurity procedures around compliance and audits, your organization is setting a ceiling for how well-protected it can be. Audits must always be accompanied by ongoing vulnerability assessments and other cybersecurity best practices.

Threat modeling: Preemptive catastrophizing

Knowing how many vulnerabilities your network has and where they are is obviously critical. How else are you going to rectify these flaws? But in certain circumstances you may need to know much more.

Imagine that you knew a cyberattack on your organization was either imminent or highly likely. This wouldn't require clairvoyance on your part; perhaps you're part of an industry that's frequently targeted by malicious online actors. Or maybe a specific malware is bouncing around your city or region (the way WannaCry spread through multiple countries, and then crossed continents, in a matter of hours4).

Threat modeling can be extremely valuable in this situation. At its essence, this methodology entails envisioning the results of a specific cyberattack on your organization.5 Such projections should include monetary and data losses, time spent dealing with the attack's immediate and lasting consequences, estimates of how big a hit each department or business unit will take and other key performance indicators.

Using these bottom-line numbers about cyberattack impact can help impress the seriousness of the issue upon people in your organization who might not fully understand it otherwise. Threat modeling can also be applied as a preemptive tactic and built into the overall structure of your organizational cybersecurity strategy. 

Bug bounties: Bringing in the mercenaries

Penetration testing is a more conventional form of ethical hacking — especially if you commission a third party to handle it. On the (somewhat) less typical end of the spectrum lie bug bounties.

Instead of hauling in cattle thieves in the Wild West, ethical hackers who pursue bug bounties seek cash rewards from organizations who want their security flaws uncovered and patched. Sometimes these assignments are low-key affairs between one business and a white-hat security consultant; others are part of programs maintained by tech giants like Apple, Facebook and Google — and the U.S. military.6

Commissioning bug bounties may not be the right play for all organizations, but if you can afford it — and you find a trusted white-hat — it can be useful for tracking down vulnerabilities in the network that your IT team can't spot.

A balanced approach

There's no single right answer when it comes to developing a cybersecurity strategy. It all depends on the needs of your organization, which will probably fluctuate over time. By balancing a comprehensive vulnerability assessment program with savvy deployments of all of the methods described above, you give yourself and your business the best chance at a truly secure network and IT infrastructure.

Nessus Professional is the industry-leading vulnerability assessment solution. Try it today with a free 7-day evaluation.

Start Your Free Nessus Trial

1. TechTarget, "Pen Test (Penetration Testing)," October 2018
2. PCI Security Standards Council, "Maintaining Payment Security,"
3. ISO, "Security Techniques: Extension to ISO/IEC 27001 and ISO/IEC 27002," August 2019
4. BBC News, "Cyber-Attack: Europol Says It Was Unprecedented in Scale," May 2017
5. Daniel Miessler, "Information Security Assessment Types," December 2019
6. Tripwire, "10 Essential Bug Bounty Programs of 2020," June 2020

Related Articles

Cybersecurity News You Can Use

Enter your email and never miss timely alerts and security guidance from the experts at Tenable.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Try Tenable Web App Scanning

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable One Exposure Management platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Your Tenable Web App Scanning trial also includes Tenable Vulnerability Management and Tenable Lumin.

Buy Tenable Web App Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578

Buy Now

Try Tenable Lumin

Visualize and explore your exposure management, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Your Tenable Lumin trial also includes Tenable Vulnerability Management and Tenable Web App Scanning.

Buy Tenable Lumin

Contact a Sales Representative to see how Tenable Lumin can help you gain insight across your entire organization and manage cyber risk.

Try Tenable Nessus Professional Free

FREE FOR 7 DAYS

Tenable Nessus is the most comprehensive vulnerability scanner on the market today.

NEW - Tenable Nessus Expert
Now Available

Nessus Expert adds even more features, including external attack surface scanning, and the ability to add domains and scan cloud infrastructure. Click here to Try Nessus Expert.

Fill out the form below to continue with a Nessus Pro Trial.

Buy Tenable Nessus Professional

Tenable Nessus is the most comprehensive vulnerability scanner on the market today. Tenable Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, community and chat support 24 hours a day, 365 days a year.

Select Your License

Buy a multi-year license and save.

Add Support and Training

Try Tenable Nessus Expert Free

FREE FOR 7 DAYS

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Already have Tenable Nessus Professional?
Upgrade to Nessus Expert free for 7 days.

Buy Tenable Nessus Expert

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Select Your License

Buy a multi-year license and save more.

Add Support and Training