Are You a Fit for Penetration Testing?

Looking for the holes in someone else’s work may seem like a rather negative job. One suited for an individual who likes to say “I told you so.” Or “Look what you missed.” But this is far from the case with an IT team’s penetration tester.  

Pen testers are helpers. They love being part of the team and beyond finding things that are wrong or need repair, they want to help with finding ways to improve the flaws and make them right.  

 

In addition to this team spirit, there are a number of other skills suited to being a penetration tester. Before we dive into that aspect of the job, let’s consider where they fit into today’s cybersecurity environment. 

 

Red Plus Blue Makes Purple 

In cybersecurity, there’s a concept about team colours: red teams, blue teams and purple teams. While some will give hard and fast rules about what kinds of teams are red, blue or purple, they can actually be more fluid than expected, especially when it comes to purple teams.  

 

Red teams are those who attack. These individuals have probably taken cybersecurity courses, but they are also likely to be highly exposed to the most current and advanced tools and techniques to hack networks and systems. They may have taken penetration testing courses like CompTIA PenTest+. When working for an organization to find flaws, we call these people ethical hackers or white hat hackers.  

 

They are the ultimate penetration tester, but they work alone or with other red team members. Just as a hacker would when trying to find ways to infiltrate an organization’s system. 

 

Blue teams are the defenders. These are the IT team members who work to prevent and patch infiltrations and risks to an organization’s systems and networks. They too will also have taken some cybersecurity training and probably have even earned specific designations like CompTIA security+ certification among other credentials. The goal here is to combat anything the red team (and ultimately the real hackers or black hat hackers) might exploit. 

 

Purple teams are defined as the team that oversees and optimizes the red and blue teams working together. It’s a bit like a double-agent role where they constantly work with the two teams to feed them more information to find ways to weaken the other’s attempts. Penetration testing courses can be a huge benefit to those in this traditional purple role so that they can suggest areas to thwart the work of the red or blue teams. 

 

PenTest Goes Purple 

However, we propose a different look at the purple team and suggest that some penetration testers can really morph into the ultimate purple team rather than being on the red team. Any penetration testing done by the red team is typically done on their own, without knowledge of the blue team unless they are fed information 

 

Instead, in a different format for the purple team, we know there are pen testers who work within the organization’s space are connected to the blue team. They attend meetings together, interact and share information which makes them far less red and much more purple. They do “red team” work to find flaws and expose issues, but not with an “I told you so” attitude. They look at these weaknesses as opportunities to work with their team members to help guide ways to fix issues and improve the organization’s effectiveness as a whole.  

 

Who Makes a Good Penetration Tester? 

Definitely someone who is interested or involved with IT and specifically cybersecurity, is a good candidate for pen testing, but there’s more to it than that. Penetration testers are inherently curious. They are meticulous and enjoy going “down a rabbit hole” looking for detail. Not only are they good at documenting everything they do, but they are also good communicators, able to tell others exactly what they did and how something happened.  

 

To excel as a penetration tester, you need to enjoy working with others to not only find problems but also suggest solutions. You should be equally comfortable working on your own as well as in a team environment and you enjoy reviewing data and creating reporting methods. 

 

Additionally, you need to have strong communication skills to assess how organizational team members may be creating security problems. If you find potential password or security issues in an individual’s behaviours, you’ll need to have the person-to-person interaction skills to help them understand the problem and the solution.   

 

Pick Your Team 

Whether you decide to take your penetration testing skills to the red team or work in a new purple team role, you’ll be doing work that makes a difference. There is no stopping the volume of cybersecurity attacks and penetration testing is the true home of prevention. Your organization may not throw a party in your honour when you do great work, but you will be appreciated.



Written by Ronda Payne

Comments

Post a Comment

Popular posts from this blog

What is Ethical Hacking?

Quite often, information security professionals are required to have CEH certification, which means they have the knowledge of ethical hacking and are able to perform it as part of their work responsibilities. Ethical hacking, which is also referred to as penetration testing or intrusion testing, is an essential part of assessing the vulnerability and weakness of computers, networks and information systems. As a result of ethical hacking, security specialists identify the risks of real attacks and take measures to protect the organizations they work for. It is recommended that IT specialists take a certified ethical hacker course to understand the procedures of ethical hacking and the instruments they are allowed to use. They should adopt the mindset of a hacker for the duration of the penetration test and find out the answers to the following crucial questions: 1.        What can the possible attacker gain access to? What information or system is the most vulnerable and should
Read more

Why The CISSP Exam Changes

Image
If you’re looking to become a certified information systems security professional you need to get your CISSP Certification. In order to get your CISSP Certification, you need to take the CISSP exam. Before you take the exam, you need to get CISSP training, like the (ISC) 2 accredited CISSP exam prep course offered at TechnoEdge.   If you’ve been looking into taking the exam you may have noticed a recent announcement that the exam will be updated and changed in 2021. The CISSP exam is actually updated on a fairly regular basis. Typically, each update happens 3 years after the last. The CISSP has seen updates in 2012, 2015, and 2018. This may seem unusual, but there’s good reason for keeping the exam updated regularly.   A Rapidly Changing Profession Certified information systems security professionals are based in the technology sector, and the tools and knowledge required to perform their job are constantly changing and evolving. By updating the exam on a regular basis, the CISS
Read more

How to Get a Cybersecurity Job

Image
Cybersecurity is a booming industry and one of the best ways to get involved in the tech sector. There are hundreds of thousands of openings in cybersecurity with almost as many job titles to choose from. Ethical hackers, IT security managers, network security specialists, incident responders, and so many other positions are all viable options for a cybersecurity career. To help set you on the path to an exciting career in cybersecurity, we’re going to go over how you can find a job in the industry, and what you’ll need to stand out in the job market. Take Stock of What You Know If you’re already in IT and looking to specialize in cybersecurity, you can use your current skills to narrow down what role you’ll play in cybersecurity. If you’re skilled at writing and understanding code then you’ll be able to identify and protect against malicious code. You could even build on that existing skill by taking an ethical hacking course, like the one offered at TechnoEdge. Even if you do
Read more