Penetration tests are the universally accepted approach to assessing an organisation's security posture, but zero-days and high-paced infrastructure changes have exposed the limitations of their snapshot approach to cybersecurity.
Vulnerability scanners have come a long way in attempting to bridge this gap, providing automated round-the-clock posture assessments, but their functionality falls short. They identify a litany of vulnerabilities without the capability to interrogate them, which means a high rate of false positives.
This made Felix Nagy question his toolset as a corporate pentester; the market's enterprise vulnerability scanning options were too narrow in scope, focusing exclusively on limited sections of the attack surface, barely interrogating vulnerabilities and only financially viable for larger businesses. Motivated to fill this gap, Felix developed a continuous automated pentesting solution tailored to small IT teams, and with it, the “Push Button Pentesting” concept.
Let’s look in depth at what Push Button Pentesting is and how it compares to traditional penetration testing.
Most commonly, penetration testing is a manual security assessment where a “tester” assesses your security posture by attempting to breach your IT infrastructure. It’s a hands-on and in-depth security test conducted by security specialist(s) or ethical hackers.
Penetration testers will use similar tools, software, applications and skills to real world hackers to find and exploit vulnerabilities within your IT estate.
After the penetration test is concluded, the tester(s) create a full report containing a description of the methodology, all findings and results, and recommendations for enhancing your security posture.
Penetration tests can take anywhere from one day to several weeks, depending on complexity, such as which systems are targeted. Because of this complexity, engagements become prolonged and costs become staggering: high-quality pentests can easily run up to € 50,000.
Penetration tests are typically conducted either bi-annually or annually, depending on the size of the organisation and the sensitivity of the data it holds.
And that’s an immediate disadvantage; with the speed at which new cyber threats evolve and the number of vulnerabilities discovered on a yearly basis, static and periodic security testing is no longer sufficient. Hundreds of new threats and vulnerabilities can be found after concluding one penetration test and remain undiscovered until your next, leaving your business at risk.
Push Button Pentesting (PBP) marks a significant evolution in penetration testing practice, offering a dynamic and efficient alternative that blends several critical components - vulnerability scanning, simulated attacks, social engineering and comprehensive reporting - into a cohesive ongoing process.
At its core, PBP automates and perpetuates the cycle of identifying and addressing security weaknesses within an organisation’s digital infrastructure.
The process begins as any threat actor would: fast black-box recon to identify information hiding behind a given domain - IP addresses, DNS records, the email exchange - followed by an analysis of each result, e.g. MX records and load balancers. Next comes a deep network scan to understand the services being run on each machine and, finally, the vulnerability scan, where PBP tools systematically analyse networks, applications, and systems to identify potential security vulnerabilities.
This scanning is far-reaching and thorough, covering a wide array of potential weak spots such as unpatched software, misconfigurations, and security loopholes. Unlike traditional, periodic scans, PBP ensures that this process is continuous with real-time vulnerability identification.
This is where the vulnerability scanners stop, but PBP then engages in simulated attacks. This phase is akin to ethical hacking where the system is probed and tested using various attack methodologies to exploit identified vulnerabilities.
In this instance, the process is fully automated, using open source attack exploits. It is a critical step that not only verifies the existence of vulnerabilities but also assesses their potential impact on the system’s security, whilst in turn considerably lowering false positives.
The subsequent steps involve interrogating the organisation's IT supply chain: through Content Delivery Network (CDN) compromise, misconfigured firewalls are bypassed to test the resilience of third-party software updates.
As the closing part of the sequence, the PBP solution embarks on social engineering: a full OSINT scan is conducted to uncover employee names and their individual interests, followed by a dark web scan to uncover compromised company user leaks, with both results correlated to build user profiles. If the solution can find a way in, it will then automatically create an Active Directory or Google Directory account in order to achieve credibility. Once the solution reaches a predicted 80% success rate, based on these amalgamated data sources, it will start to engage with that user on Microsoft Teams or Slack. The more information the solution has, the more likely the user will buy into the ruse and click on a link sent by this supposed employee of the company.
By simulating real-world attack scenarios, PBP offers practical insights into how an actual breach might occur and the extent of its possible damage.
And the reporting mechanism of PBP is a crucial element. After each round of scanning and testing, PBP generates detailed reports that outline discovered vulnerabilities, the results of the simulated attacks, and an analysis of your security posture. These reports are designed to be comprehensive yet understandable, providing actionable insights that enable IT teams to prioritise and address the identified security issues. The continuous nature of these reports means that organisations are always equipped with up-to-date information, allowing for swift and informed decision-making in strengthening their cybersecurity defences.
Push Button Pentesting is a fully automated sequence combining multiple traditional security tools in one “push button” initiated sequence. Combining vulnerability scanning, pentesting, IT supply chain attacks and social engineering attacks creates significant advantages for organisations and smaller IT (security) teams.
Real-time identification of vulnerabilities: In a digital landscape where cyber threats rapidly evolve, this immediate detection is crucial for maintaining robust security defences. This ongoing process not only ensures comprehensive coverage of the entire network and system infrastructure but also brings consistency and standardisation to the testing process. Unlike periodic manual testing, which might vary in thoroughness and frequency, PBP maintains uniform security standards across all systems and applications.
Automation brings cost-efficiencies: It reduces the need for frequent manual testing, which can be resource-intensive and require significant investment in external cybersecurity expertise. Furthermore, by minimising human intervention, PBP lowers the risk of errors that can occur in manual processes. This aspect is particularly valuable in repetitive and labour-intensive testing scenarios, where human oversight can lead to gaps in security.
Scalability: As organisations grow and their network infrastructures become more complex, PBP adapts accordingly, ensuring that new components of the system are continually assessed for vulnerabilities. This scalability is essential for organisations handling sensitive data or those experiencing rapid growth. Through fingerprinting of organisational networks and infrastructure, any changes - network extensions, patched vulnerabilities - are automatically rescanned. The same applies for newly introduced CVEs.
Compliance: Many industries are governed by regulations that mandate regular security assessments. PBP streamlines this process, making it easier for organisations to adhere to these requirements consistently.
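The fingerprint-driven rescanning described under Scalability can be illustrated as follows. This is an added example, not Hackurity's code: the inventory format, the host addresses (documentation range) and the advisory entry with its placeholder identifier are all constructed assumptions.

```python
import hashlib
import json

# Constructed inventory snapshots: host -> list of (port, product, version).
PREVIOUS = {
    "192.0.2.5": [(22, "openssh", "8.9"), (443, "nginx", "1.22.0")],
    "192.0.2.9": [(3306, "mysql", "8.0.30")],
}
CURRENT = {
    "192.0.2.5": [(443, "nginx", "1.24.0"), (22, "openssh", "8.9")],  # patched
    "192.0.2.9": [(3306, "mysql", "8.0.30")],                          # unchanged
    "192.0.2.12": [(8080, "tomcat", "9.0.70")],                        # network extension
}
# Constructed advisory feed entry; the identifier is a placeholder, not a real CVE.
NEW_ADVISORIES = [{"id": "CVE-PLACEHOLDER-0001", "product": "mysql"}]


def fingerprint(services):
    """Order-independent SHA-256 over a host's (port, product, version) tuples."""
    canonical = json.dumps(sorted(services), separators=(",", ":"))
    return hashlib.sha256(canonical.encode()).hexdigest()


def rescan_queue(previous, current, advisories):
    """Return {host: [reasons]} for every host that needs a fresh scan."""
    queue = {}
    for host, services in current.items():
        reasons = []
        if host not in previous:
            reasons.append("new host")
        elif fingerprint(previous[host]) != fingerprint(services):
            reasons.append("service fingerprint changed")
        # A new advisory triggers a rescan even when the host itself is unchanged.
        products = {product for _, product, _ in services}
        for adv in advisories:
            if adv["product"] in products:
                reasons.append("new advisory " + adv["id"])
        if reasons:
            queue[host] = reasons
    # Hosts that vanished from the inventory are flagged for verification too.
    for host in previous.keys() - current.keys():
        queue[host] = ["host disappeared"]
    return queue


if __name__ == "__main__":
    result = rescan_queue(PREVIOUS, CURRENT, NEW_ADVISORIES)
    for host, reasons in sorted(result.items()):
        print(host, "->", ", ".join(reasons))
```

Only hosts whose fingerprint changed, that are new, or that run a product named in a fresh advisory are queued, which is what keeps continuous assessment cheaper than rescanning the whole estate on every cycle.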
"In essence, PBP isn't just a tool; it's a promise – a promise of unwavering vigilance and cutting-edge protection," - Felix Nagy
Hackurity is redesigning security testing through its unique and innovative concept of push button pen testing. By fully automating the discovery and exploitation of vulnerabilities, Hackurity is the extra pair of hands for your IT team, helping you to contextualise risks in a single dashboard, making remediation more efficient.
Developed by ethical hackers, Hackurity provides 24/7 security, focused on prevention. Headquartered in The Netherlands, Hackurity makes enterprise cybersecurity accessible to businesses around the world.