CNS Group's information assurance division CNS Hut3 has launched a PenTest Portal to teach companies how to carry out basic penetration testing techniques on their own systems.
The company said the portal is a virtual environment deliberately configured to test hacking knowledge and show its clients how to do basic penetration testing themselves. It was initially developed and tested with university students and CNS said that it is now looking to educate users on the advantages of regularly sweeping networks with a basic penetration test.
Shannon Simpson, commercial director at CNS Group, said: “Our PenTest Portal will provide clients with the practical and conceptual skills to carry out very basic penetration testing on a regular basis, freeing-up budget for a continual, advanced penetration strategy for sensitive data. It will also show the non-technical and those new to security the importance of protecting a network and where they need to close the doors to hackers.”
Edd Hardy, penetration testing team manager at CNS Hut3, said: “These days it's easy to find hacking tools on the internet, which means you no longer have to be particularly technically competent to attack an organisation.
“We want customers to sort out the basic penetration testing themselves and put good housekeeping practice in place, so that we can concentrate on the high-level issues.”
The company said that the most common and basic security errors that it still comes across are: default credentials; insecure communication such as HTTP transmission; patching; and too-simple passwords.