Creating a reliable team with the right mindset and mutual trust is essential in every business. In cybersecurity, where the work involves sensitive information, those values are essential both within the team and across the company. To introduce the offensive security team, we have decided to offer an insight into the team’s structure. Working in cybersecurity is not a “regular” job. It is a choice to make information and systems more secure. To explain the driving force behind offensive security, we took some time to speak with one of LIFARS’ team leaders, Milan Kyselica.
LIFARS: Milan, can you introduce yourself to our readers? What do you do at LIFARS?
Milan Kyselica: I am currently the head of the offensive security department and a penetration tester at LIFARS. I have many responsibilities, working on many different types of engagements. The types of engagements I work on include web application, external, and internal penetration testing, red teaming, and spear phishing, just to name a few. Besides that, there is always something to do on internal projects.
To keep up with other field professionals, continuous research of what the threat actors are currently exploiting is important. You have to know the latest vulnerabilities and modern tactics, techniques and procedures.
LIFARS: Why is offensive security important to companies? Are there any myths surrounding penetration testing?
Milan Kyselica: From my perspective, it is understanding the offensive methods & techniques. Learning the fundamentals about vulnerabilities increases the ability to solve security issues faster. A deeper understanding of the ways to hack systems may in some cases uncover easy-to-solve misconfigurations. Penetration testing and vulnerability assessment provide feedback to companies (as well as engineers) that can be easily reflected on. Regular testing before a release is usually done only on a functional or UX level. Penetration tests go through the logic of applications and have the ability to assess systems in the big picture.
Regarding the myths, I would mention one. A lot of people still believe that vulnerability assessment is the same thing as penetration testing. That is crazy.
LIFARS: Can you explain the difference between vulnerability assessment and penetration testing for those who are too afraid to ask?
Milan Kyselica: Yeah, sure. Vulnerability assessment is a process of identifying vulnerabilities in applications and systems using automated scanning tools such as OpenVAS, Nessus, and others. Findings are presented in a list of known vulnerabilities found during the scan, prioritized by severity or business criticality.
When it comes to penetration tests, this type of security testing delivers depth over breadth. It doesn’t look just for known vulnerabilities, since the goal is to discover and attempt to exploit any vulnerabilities and systematically compromise endpoints, web servers and others. Penetration testing can discover unknown misconfigurations and vulnerabilities. The main difference is that penetration testing is goal-oriented, but vulnerability assessment is a list-oriented exercise.
LIFARS: What was the turning point when you decided to work as a penetration tester? How did you start your career?
Milan Kyselica: Since I was a child, I knew that cybersecurity is a career path I want to take. In my first job, I started working as a software tester. I liked the way you need to be creative and precise to find connections and evaluate systems as one complex system that is created from smaller interconnected parts. Most of the time it is a combination of seemingly unrelated issues that creates a path for an attacker. Continuing with web and mobile application testing, I started my career as a penetration tester.
LIFARS: What is the difference between hackers and ethical hackers? How does the motivation change?
Milan Kyselica: Let’s start with what exactly a hacker is. A hacker is a person who likes to find out how things work or how to influence them to work differently. The difference is that the ethical hacker’s client is paying him to identify vulnerabilities and misconfigurations for the client under a contract. An ethical hacker never intrudes or attacks anyone without permission.
However, a black hat hacker has no contract signed and is attacking systems, infrastructures and technologies that do not belong to him or her. Malicious hackers do not care about principles, ethics and the damage done.
Stay tuned for part 2 of this interview.