🍹Early to RISA 🧉@sh.itjust.worksM to Greentext@sh.itjust.works · 8 days agoAnon is a white hat hackersh.itjust.worksimagemessage-square45fedilinkarrow-up1734arrow-down116
arrow-up1718arrow-down1imageAnon is a white hat hackersh.itjust.works🍹Early to RISA 🧉@sh.itjust.worksM to Greentext@sh.itjust.works · 8 days agomessage-square45fedilink
minus-squareEcho Dot@feddit.uklinkfedilinkarrow-up33·8 days agoYou hope it’ll set off alarms. Sometimes it doesn’t, mostly because they don’t have monitoring setup.
minus-squarejol@discuss.tchncs.delinkfedilinkarrow-up13·8 days agoOr because you hacked into the wrong company. This has happened multiple times.
minus-squareEcho Dot@feddit.uklinkfedilinkarrow-up2·7 days agoThat’s what happens when you do off the book stuff on company time. Got to organize yourself better.
minus-squarejol@discuss.tchncs.delinkfedilinkarrow-up3·7 days agoI’ve even heard stories of physical pen testers entering the wrong company. Oops.
minus-squareCornelius_Wangenheim@lemmy.worldlinkfedilinkarrow-up23·7 days agoPen tests aren’t cheap. Even basic ones are ~$20k. There’s only 2 types of companies that bother with them: ones that care about cybersecurity and ones that have to do it for compliance (PCI/CMMC/etc). Both will have some kind of IDS and a SIEM.
You hope it’ll set off alarms. Sometimes it doesn’t, mostly because they don’t have monitoring setup.
Or because you hacked into the wrong company. This has happened multiple times.
That’s what happens when you do off the book stuff on company time. Got to organize yourself better.
I’ve even heard stories of physical pen testers entering the wrong company. Oops.
Pen tests aren’t cheap. Even basic ones are ~$20k. There’s only 2 types of companies that bother with them: ones that care about cybersecurity and ones that have to do it for compliance (PCI/CMMC/etc). Both will have some kind of IDS and a SIEM.