- Nokia's new N97 vs. the iPhone
- 10 Microsoft research projects
- Hard to get justice in MySpace case
- Smartphone smackdown: Storm vs. iPhone
- Apple removes antivirus support page
Companies are struggling to keep up with a barrage of network security nightmares, including viruses, worms and hacker attacks. This makes it more difficult to protect core assets, such as sensitive personnel information, customers' credit card numbers and intellectual property. There are frequent reports of supposedly secure networks failing, resulting in lost revenue and damaged reputations.
To combat these increasing threats, network administrators must choose from a host of products, services and practices. Two common solutions are penetration testing and vulnerability scanning. These solutions are often lumped together, but there are significant differences between them. Vulnerability scans identify potential problems based on an evaluation of a network's defenses and known vulnerabilities. Penetration testing reveals more information about a network by actively attacking a system, probing all defenses and revealing real, not theoretical, vulnerabilities.
Both methods have an important role in testing network security. At Core Security Technologies, we recognize the importance of vulnerability scanning, use it in our consulting practice and partner with several companies that provide this technology. But while vulnerability scanning is a good first step, it shouldn't be considered the final step, because it doesn't answer the fundamental question, "Is my network secure?"
Vulnerability scanning does not address the implications of an intrusion, leaving network administrators to determine if a vulnerability is real or a false positive, if it can be exploited and what risk it poses to a network. Without determining the true threat to a network, administrators must devote resources to patching every vulnerability, often wasting significant time and effort patching systems that may not require it.
A penetration test is an authorized attempt to breach the security defenses of a system using the techniques of hackers, worms and viruses. With a penetration test, you exploit vulnerabilities in your network and try to replicate the kinds of access a hacker could achieve and identify which resources are exposed. The results go far beyond the data yielded by a vulnerability assessment. An administrator is able not only to quickly identify and prioritize real vulnerabilities but also to gain insight into the effectiveness of other security measures in place.
Rss FeedRss Feed
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 The Leader in Network Knowledge© 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.
Download the white paper.
Applications: taking back control
Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.
Learn more today.
Comment