In a surprisingly detailed 20+ page report titled “UNDER THE HOODIE: Actionable Research from Penetration Testing Engagements“, Rapid7 – provider of tools such as Metasploit and Nexpose – is sharing some very interesting insights into the choices being made by companies in their penetration testing and what the testers are uncovering. Released just moments ago, this research report provides details on: how much organizations budget for pen testing engagements; what information organizations are most interested in protecting, despite the recent uptick in online industrial espionage; what percentage of sites are free of exploitable vulnerabilities; the easiest ways for attackers to execute their attacks; and how often pen tests successfully identify and exploit software vulnerabilities. The statistics provided will likely help many companies refine or initiate their own penetration testing. The findings are based on 128 penetration tests that the company conducted in Q4 of 2016. They reveal many interesting details and some surprising details on testing choices such as: internal vs external testing pentesting engagements; different lengths of engagements; various customer testing priorities; choices made by organizations of vastly different sizes; and similarities across a range of different industries (verticals) You can learn a lot about the types of vulnerabilities exposed, how credentials can be uncovered and accounts compromised – even those using two-factor authentication (2FA), that account lockout thresholds are commonly exceeded to limit credential guessing, and how escalating privileges can often take a pentester from one compromised user account all the way to domain admin privileges. Surprises The study uncovers some important, some surprising, and some fairly worrisome observations that might drive your own pentesting efforts – such as the high percentage of vulnerabilities created by system misconfiguration, the facts that 2/3 of penetration testers remaining undetected, that the industry you’re working in doesn’t make as much difference as you might imagine, and that domain admin access was achieved in nearly a quarter of the testing engagements. The report also exposes the most serious and the most prevalent vulnerabilities encountered — such as SMB relaying (the process of impersonating Windows-based clients and servers to each other) and how this technique along with broadcast name resolution can lead to a successful exploitation of an entire Microsoft-based network. It demonstrates how sophisticated and effective pentesting can be through three “Under the Hoodie” very detailed write-ups that show the approach taken and what was learned in each of three separate testing engagements. In these, we see some penetration testing specialists taking deep dives, and following leads to demonstrate the extent to which organizations can be compromised. Ready to start reading? Full of interesting details and insights, the report shows what penetration testing is likely to expose and how it can help drive your organization’s efforts to a focus on changes that are likely to pay off immediately. One of the most interesting aspects of the report is the number of things that I would never have anticipated — such as how little the differences between types of organizations, from technology vendors to retail firms, matter with respect to what they most want to protect. You might also be intrigued by how sophisticated pentesting can be in not only identifying weaknesses in your defenses, but in exploiting them. This impressive report is well worth reading with its treasure chest of insights on penetration testing and the security flaws it reveals. And it might just change your priorities and data security plans for 2017. Related content how-to How to find files on Linux There are many options you can use to find files on Linux, including searching by file name (or partial name), age, owner, group, size, type and inode number. By Sandra Henry Stocker Jun 24, 2024 8 mins Linux opinion Linux in your car: Red Hat’s milestone collaboration with exida With contributions from Red Hat and critical collaborators, the safety and security of automotive vehicles has reached a new level of reliability. By Sandra Henry Stocker Jun 17, 2024 5 mins Linux how-to How to print from the Linux command line: double-sided, landscape and more There's a lot more to printing from the Linux command line than the lp command. Check out some of the many available options. By Sandra Henry Stocker Jun 11, 2024 6 mins Linux how-to Converting between uppercase and lowercase on the Linux command line Converting text between uppercase and lowercase can be very tedious, especially when you want to avoid inadvertent misspellings. Fortunately, Linux provides a handful of commands that can make the job very easy. By Sandra Henry Stocker Jun 07, 2024 5 mins Linux PODCASTS VIDEOS RESOURCES EVENTS NEWSLETTERS Newsletter Promo Module Test Description for newsletter promo module. Please enter a valid email address Subscribe