In this video, you will learn to describe penetration testing, why it is used, and the ethical considerations you might run into. Describe the difference between white hat, black hat, and grey hat attackers. Describe the several different types of threat actors and what characterizes each. >> Okay for our next topic be we're going to talk a little bit about penetration testing. So penetration testing, it's also called Pentest or pen testing, it's also referred as ethical hacking. It's basically the practice of testing a computer system, a network application, either web application or software application, to find security vulnerabilities that an attacker could use to exploit and gain authorized access to a system or an application. The main objective of a Pentest is to identify security weaknesses before attackers can identify them and and exploit them. A penetration testing it's a practice that requires several contracts before it can be performed. For example, service level agreement, engagement rules, all sorts of documentation to make the penetration testing a legal agreement between two parties. The penetration testers are the ones in charge of doing the technical process and they are also called white hackers. There are different type of hackers and we can divide them into three categories, basically white hat hackers, grey hat hackers and black cat hackers. The white hat hackers, as we discussed earlier, are basically the ethical hackers, people that do this under contract and for security reasons. They're authorized to perform penetration testing on companies and they do it for the good of the company. Grey hat hackers they stand like in between the white hats and the grey hats, they usually performed penetration testing without authorization, but they usually report back to the customer, not the customer, the possible victim because they were not contracted to do this. So they were not authorized for previously previously authorized by a company to perform any type of security assessment under instructor or their network. They do it anyways and they report back to the customer or the victim, the possible victim. On the other hand we have the black hat hacker, they are quote unquote the bad guys. They usually do these type of attacks for personal recognition, money, political agenda or social change. They do not do it under contract if they are not authorized to perform any type of penetration testing activity on any of their victims. We also have something called thread actors. It's basically an entity that it's partially responsible for an incident or an attack. It usually affects the security of organizations and they are also referred as malicious actors. There are different types. And with this different types there are also different skill levels associated with them. To start with during there's this script kiddies. Basically, the script kiddies are unexperienced hackers. They have limited technical knowledge and they rely on automated tools to hack. They do not develop their own tools and they pretty much use what's publicly available with very little technical knowledge. We have also the hacktivist. These type of hackers they are usually have a political agenda or a some sort of social change in their minds. There are also organized crime. These are usually external to the do the company. They're highly sophisticated, meaning they have very high technical knowledge. They are also heavily funded from an economical standpoint and they are usually attacking from some sort of a highly developed malware like Ransomware in nowadays. Insiders, they represent past or present employees, contractors, partners or any entity that has access to a company property or confidential information. The insiders can be a security risk for intentionally or unintentionally basically an insider or an employee could be fired from the company for example, and they could be motivated to perform some sort of disruption activity on the company. They are could also be unintentionally an employee may be deleting some sort of some sort of information that is not to be supposed to be deleted but they made a mistake and they deleted that information by mistake. We also have the competitors. A competitor could be a potential security risk to other organizations because they they could be motivated by maybe releasing a product before the competition. And finally we have the nation states. Nation states are external to the company. They are also highly sophisticated. They are very well economically funded, they could be something related to politics, military, technical or economic agendas. We have a few examples of some nation-state threat actors. The Fancy Bear, also called ATP28. Lazarus Group, Scarcruft also called accrued Group 123 or the APT29. These are all examples of nation state funded hacking organizations.
