White Box vs. Black Box Penetration Testing
When it comes to hacking, there are many technical aspects that can be difficult to grasp without an extensive background in the field. One of the most common sources of confusion is the comparison between black box penetration testing and white box penetration testing.
White Box Penetration Testing
White box penetration testing can also be called glass box penetration testing or clear box penetration testing. In any case, it's an approach to penetration testing that relies on the knowledge of the target system's internal configuration. It uses this information for the test cases.
For applications, the source code of the application will usually be provided for white box penetration testing. Design information and even interviews with the developers may also be included. For infrastructure penetration tests using the white box method, the test cases will use infrastructure details and network maps.
Regardless of the test case, the goal of a white box penetration test is to get as much info as can be had. The penetration tester is trying to collect as much feedback as they can so that they can gain further insight and, ultimately, understand the system so that they can further elaborate their penetration tests.
Black Box Penetration Testing
A black box penetration test does not require any up-front information to be given to the penetration tester. Instead, the penetration tester will approach the test case like a real hacker would. This means they have little to no background information about the system and they don't have internal maps or other information either.
This allows testing to get started with very little prep work, and it allows the penetration tester to identify weak spots based on what a real-world hacker is most likely to target. However, that can leave some spots of the infrastructure untested.
Making a Decision
Each method has its own set of advantages and drawbacks.
For white box tests, the advantages include:
- White box penetration tests are deep and thorough
- These tests maximize the use of time spent testing
- The testing area tests even areas that black box testing can't reach, like the quality of the code
For black box tests, the advantages include:
- A black box test is a more realistic attack because it takes the stance of a non-informed potential attacker.
- It simulates a very realistic scenario, helping a business be on their highest guard.
The biggest disadvantage to a black box penetration test, of course, is that some scenarios can't maximize testing time. Some areas of the infrastructure may also remain unreached and, therefore, untested in a black box scenario. But, the testing of a black box penetration will focus on the areas hackers are most realistically likely to target.
Keeping all of this in mind, there is no right or wrong decision when it comes to choosing a type of penetration testing. It really depends on the scenarios you are looking to test and what you feel will make the most of your resources.
Most Recent Articles
- A beginner-friendly intro to the Correlator for effective cybersecurity detection
- Inotify in ASAB Library
- From State Machine to Stateless Microservice
- Entangled ways of product development in the area of cybersecurity #3 - LogMan.io
- Entangled ways of product development in the area of cybersecurity #2 - BitSwan
You Might Be Interested in Reading These Articles
Snap to It: Mobile Secure Gateway Is In Your Future
The enterprise world is changing. In the past, enterprises built their IT infrastructure as isolated data fortresses and did everything they could to prevent outsiders from accessing their data. But now they need to open that fortress to allow communication via mobile technologies. And this hole is where hackers strike.
Published on July 07, 2015
You Can Build Apps for the Apple TV, But Do You Know How to Do It Securely?
Apple will want to dominate the market for TV apps. To achieve this objective, it’s understandable that Apple makes it easy for app developers to create apps and games for the Apple TV platform using tvOS and profit from them just as they have already done so for the iPhone and iPad devices. Developers can leverage similar frameworks and technologies since tvOS is just a modified version of the iOS. They can even retrofit the apps that were previously developed for iOS to support the Apple TV’s tvOS.
Published on June 29, 2016
OpenSSL DROWN Vulnerability Affects Millions of HTTPS Websites and Software Supporting SSLv2 (CVE-2016-0800)
DROWN is caused by legacy OpenSSL SSLv2 protocol, known to have many deficiencies. Security experts have recommended to turn it off, but apparently many servers still support it because disabling SSLv2 requires non-default reconfiguration of the SSL cryptographic settings which is not easy for common IT people who have limited security knowledge and don’t know the location to disable this protocol and the way to disable it.
Published on April 12, 2016