
How Can I Tell a Real Pen Test from a Fake?

There are a lot of companies selling penetration tests (pen tests), but how do you know if what you are getting is a real pen test? When it’s something that’s less tangible than, say, getting an oil change, it can be hard to determine if what you are purchasing is what you need.

That’s why MainNerve has written up a few pointers.

A Real Pen Test will be more expensive.

Software makes things a lot easier, which typically equates to lower cost. The problem with using only software is that it’s only as good as its programming. Software usually can’t take into account things that a human brain can, like skirting business logic or researching default credentials.

Consequently, a real pen test is more expensive because you are paying for the pen tester’s experience. The more tests they conduct, the more information they have to work with when looking for vulnerabilities. Experienced testers will have a better understanding of what may happen when vulnerabilities are actually exploited and not just scanned.

Don’t worry if a company says they use software to help them find vulnerabilities. Unethical hackers will use all the software they can to try to attack their target. A good pen test should reflect that real-world experience. It should be a mix of some automated searching and manual testing. The automation makes things a little easier and quicker, which translates into the price.

Testers will have the necessary credentials.

The testers should also have certifications, such as CISSP or OSCP. Many certifications require continuing education to maintain them, showing that the tester is always learning since vulnerabilities are ever-evolving. An ethical pen test company should be proud to display its testers’ certifications.

A real pen test will take more than an hour to test.

Because of the manual nature of a real pen test, the testing should take more than an hour. A good question to ask any vendor is, “How long will it take?” The company will probably offer an estimate, as it depends on how many vulnerabilities are found and what types of vulnerabilities are discovered.

The account managers should ask many questions during scoping.

Since a real pen test will involve more than a basic vulnerability scan, giving extra information to the account managers will help the testers conduct a more thorough test. Knowing things like IP addresses, the types of devices, and URLs and credentials for applications will make the test easier and quicker. The testers should be looking at everything they can to let you know if you have any open holes.

For a full red team exercise, where a tester has no knowledge other than who the target is, the time for research could be weeks, meaning you are paying for all that time. That will also translate into the cost, and likely not in a way you want unless you know that red teaming is what you need.

A real pen test company should be able to provide sample reports.

These sample reports will likely be redacted but should reflect the type of work the company does. They should be more than a list of Common Vulnerabilities and Exposures (CVEs), which amounts to a vulnerability scan. The report should include screen captures proving that a vulnerability was discovered, along with remediation recommendations.

 

Many factors go into a real pen test and how you can determine if a company is providing that service. We here at MainNerve hope this helps you make that determination. We strive for transparency whenever and wherever we can.
