The Value of Penetration Testing 

Network Security
Written By maci britt
Keep your network safe with proactive vulnerability management

Reading Time: 2 minutes

With the recent log4j vulnerability, many of your applications are no longer safe and need to be updated. But when you have a couple hundred servers and numerous applications that keep your business running, how can you be sure what’s safe and what isn’t?  


We often talk about the need for a multi-layered security approach. One product or solution will not fix all of your security needs. It takes multiple solutions working from different angles to provide you the most protection.  


Recently a client asked if we could provide some penetration testing services (often called pen testing for short). I quickly answered yes, as we’ve provided this service numerous times over the years. We typically use a product from Qualys that allows us to provide pen testing as a service. However, this particular client mentioned a product from Tenable, so I began doing some research to see what kind of offering they had.  


I have to say, I was impressed.  I hadn’t looked under the hood at pen testing products in several years and they have definitely come a long way.

Pen testing has evolved into proactive vulnerability management, constantly scanning in the background and providing reports you can use to get to work remediating what will have the most impact.   


On a regularly scheduled interval–say, weekly–your team can receive reports from a vulnerability management system that has been scanning all of your devices, telling you which devices have the most critical issues. You can then use this list to fix those issues and keep track of what has been completed.  Each week you get a new report with a prioritized list based on what will have the most impact for your organization. This is very powerful stuff.   


In this case, Tenable has the ability to be both an on-premise managed solution or a cloud managed solution.  And they have separate offerings to pen test web applications, as well as provide pen testing for internal devices or external devices or both.  


Half the battle is doing what you can to protect yourself from known vulnerabilities. To do that, you have to know where you’re exposed so you know what specifically to remediate, and that’s what this kind of software does.   


Staying secure is an investment against a future risk. It’s not cheap, but it’s definitely worth it.  You don’t want to find yourself compromised because you didn’t take the necessary precautions in the first place.   

This post was contributed by Lance Reid, our CEO. Lance has worked in the technology industry for over 25 years. He became a Cisco Certified Internetworking Expert (CCIE) in Collaboration in 2005 and has been serving on Cisco's SMB Advisory Board since 2013.

You may also like:

Featured
How to Stay Safe Online During the Holidays
How to Stay Safe Online During the Holidays
Read More →
Building a Secure Network with Cisco Meraki
Building a Secure Network with Cisco Meraki
Read More →
Financial Benefits of Outsourcing Cybersecurity
Financial Benefits of Outsourcing Cybersecurity
Read More →
maci britt

ca grown. photographer. kitchen enthusiast. practicing the way of jesus.

macielise.com
Previous

Meet the Team: Blake Carpenter
Next

911 Services for Today’s Mobile and Hybrid World