
Seven Pentest Phases: An Inside Look at Pentesting

Explore seven phases of a pentest and take an inside look at the differences between traditional penetration testing versus a Pentest as a Service platform.

Jacob Fox

Jacob Fox is a search engine specialist at Cobalt. With a passion for technology, Jacob believes in the mission at Cobalt to transform traditional pentesting with the innovative Penetration Testing as a Service (PtaaS) platform focused on empowering companies to build out their pentesting programs.


Navigating a pentest calls for insights into business processes and the technical components that support them. Requiring a diverse skill set, pentesting can quickly change from a simple security control to a complicated endeavor.

Thankfully, a new approach to pentesting known as Pentest as a Service (PtaaS) aims to make things simpler, while also improving efficiency. Yet, with this new approach, questions arise such as:

How does a Pentest as a Service platform differ from traditional pentesting?

What components of the pentesting life cycle change with Pentest as a Service?

Looking at the different steps of a pentest illuminates the differences here. Furthermore, understanding a test’s individual steps helps customers navigate it with ease. With that in mind, this article provides an overview of each phase.

Steps of Pentest Phases

As with any complicated business service, understanding the process improves the overall experience for both service providers and their customers.

Understanding the pentesting process enables businesses to plan better for testing, and a clear view of the testing timeline improves results. More broadly, pentesting offers businesses a proactive cybersecurity tactic to improve their security posture by identifying and remediating vulnerabilities before an attacker does.

Pentests break down into seven phases starting with reconnaissance, leading into the actual test, and ending with reporting, remediation, and retesting. With this in mind, let’s take a closer look at each phase.

1. Asset Scoping

During the reconnaissance phase, businesses and testers begin to outline their digital assets for testing. This step aligns the two parties involved and opens the way for a more efficient testing process.

For both traditional pentests and PtaaS, the reconnaissance phase often must occur between each test. Yet, within a PtaaS platform, users can leverage descriptions of their previous assets for future testing and get set up within a few clicks. This unlocks one of many small efficiencies generated by using a SaaS model for pentesting.

Efficiency becomes even more critical in the context of DevSecOps; as more organizations pursue faster deployments, security teams need to pentest more regularly than once a year.

2. Discovery Phase

Within the discovery phase, testers begin to gather open-source intel. This phase in the process, similar to a pre-testing phase, allows the testing experts to better understand vulnerabilities from the perspective of an outside attacker.

The goal is for the pentester to gather as much information as possible to identify vulnerabilities. This process takes many forms ranging from WHOIS lookup to social media profiles and publicly available email addresses.

This information can reveal the different potential attack vectors to explore further. For example, a public social media profile may show the location of an internal security team member and allow the attackers to target systems while a core security team member rests. While this is a simple example, it shows the power of leveraging publicly discovered information.

3. Hacking Attempt and Exploitation

Now begins the actual test.

Pentesters begin to investigate the tech stack and start to penetrate the network. This more technical component in the testing process requires true experts to properly find any system vulnerabilities to report upon.

4. Continuous Collaboration

On a PtaaS platform, customers and testers collaborate throughout the testing process to provide a more thorough testing experience. This enables the testers to hunt down vulnerabilities faster, but it also brings benefits to the customers; with frequent communication and updates, they have more opportunities to steer the test toward their priorities.

This may seem counterintuitive at first since an attacker would not have such access to internal knowledge, but it’s often surprising how much information is available online given enough time and resources. Since attackers do not have a set deadline to penetrate a system, they have an unfair advantage over pentesters who have to achieve results within a certain SLA. Collaborating with testers helps them focus on the right places and produce better results.

5. Reporting & Remediation

One of the most important steps in the pentesting process is reporting and remediation. In this phase, testers share their findings with two end goals in mind.

First, reporting fuels the remediation process with information on discovered vulnerabilities and their associated risk. Since not all vulnerabilities can reasonably be remediated, the report helps determine priorities.

Second, the pentest report ensures upper management understands the business implications of the pentest results. This in turn helps secure the necessary resource allocation. Without resources to remediate, simply knowing about vulnerabilities solves little to nothing.

With these goals in mind, customers will find that the reporting APIs and other automation tools on a PtaaS platform make remediation more efficient for engineering teams than the static PDF report delivered at the end of a traditional pentest.

6. Retesting

While not all PtaaS platforms offer retesting, at Cobalt, this value-add is available.

Retesting confirms the discovered vulnerabilities have been properly remediated. Without retesting, this assurance falls upon the shoulders of the engineers who patched the vulnerability but may not have experience with pentesting.

The retesting process ranges from a few simple clicks to starting a completely new pentest, depending on the platform and pentesting service provider. With a PtaaS platform, companies will often find the process closer to a single simple click, as is available with Cobalt.

With traditional testing, the costs and process of retesting will vary between service providers. Generally speaking, these antiquated testing processes often require a full new test (at an additional cost) to complete the end goal of testing.

7. Repeat

With a successful pentest complete, remember security should be an ongoing effort, rather than bolted on retroactively. With this in mind, after completing a pentest, proactive companies will start preparing for their next test.

When it comes to a traditional pentest, many of the preliminary steps to start testing must be repeated from scratch. On a PtaaS platform, one of the value propositions consists of a more autonomous approach to future testing. For example, legacy assets already recorded on the platform will not have to be recorded again and businesses can readily view previous vulnerabilities discovered to uncover broader development best practices to help avoid future vulnerabilities.

In closing, it’s important to keep in mind the end goal and value generated through proactively pentesting digital infrastructure. Furthermore, take a look at the Cobalt PtaaS process, with insights from Cobalt CSO Caroline Wong.

For your pentesting needs, contact Cobalt and see how Pentest as a Service (PtaaS) empowers teams to take a more agile approach to testing.
