White Paper

In an effort to help our clients reach their desired state of security, SecureState performs many different security assessments, with penetration testing among the most common. Penetration testing simulates an attack on a network and is often as close as an organization can come to experiencing a security breach, while still maintaining a level of
control.

The goal of these tests is to determine what level of compromise potential attackers might be able to achieve, and what kind of data they might be able to access. But it’s not enough to know what attackers can do. It’s also important to know how they can do it. This is what we call the Vulnerability Linkage—the anatomy of an attack, the sequence of exposures and tactics that ultimately leads to a compromise. If you know how an attack might unfold, you can better prevent, detect, and respond to it.

We perform hundreds of penetration tests each year, and we inevitably see trends in the vulnerability linkages — exposures that show up time and time again that contribute to a compromise. This paper will present SecureState’s annual analysis1 of the trends we saw in 2016 penetration tests, including:

  • Initial Attack Vector

  • Associated Vulnerabilities

  • Industry Specific Analysis