The IT Industry is full of terms and acronyms (see our DDoS Dictionary) and one that I have seen a lot of recently is DDoS Pen Testing, usually where Pen Testers are looking to include DDoS Testing as well. I wrote an article a while back on Penetration Testing and DDoS Testing and how these work together. Of course, every organization has to decide what specific cybersecurity measures are relevant and practical for their business but as IT security experts, we are here to ensure you have all the best advice and information to help you reach the best decision.
DDoS Testing is becoming more prevalent within organizations looking to ensure their systems are prepared for a real-life DDoS attack. We were an early adopter of DDoS Testing technology, and we know only too well the difficulties faced with carrying out tests that will measure how successful your mitigation is, and also the legal implications of carrying out deliberate efforts against networks – even if they are your own!
Penetration testing has also been in the news for tripping alarms while carrying out legitimate testing practices.
So be careful out there with your DDoS Pen Testing decisions! There is a fine line between a fair and accurate set of tests that can yield excellent results for your business, and give you the tools you require to strengthen your security, and a damaging approach that will just disrupt your business and your relationships with your suppliers. If you are in any doubt on the best way forward give us a call.
Everyone loves a few statistics (cybersecurity statistics are often incredibly scary) and they demonstrate exactly why you need to keep on top of your cybersecurity:
- Network perimeter breaches to access LAN resources successful in 92 percent of pen tests.
- 75% of penetrations are caused by poor protection of web applications.
- In 63% of systems, Wi-Fi security weaknesses enabled access to LAN resources.
- In 2018, 20% of companies with 50 employees or experienced a DDoS attack.
You can read about more DDoS statistics here.
It is pretty clear that DDoS Pen Testing is going to be a major consideration for any organization that takes IT security seriously, and the data shows that employees are vulnerable to phishing attempts, networks are vulnerable to weak web applications, and entire systems can suffer from sustained DDoS attacks.