Rapid7 Research Uncovers Key Vulnerabilities and Credential Issues for Tech Organizations
Internal network configuration and patch management continue to provide “easy” soft targets to penetration testers, who can often move laterally about the network without being detected.With tech companies particularly susceptible to both internal and external threats, an annual penetration test can help these organizations discover their key security gaps and plan for next steps to properly shore up their security. But what kinds of things do pen testers commonly find during these engagements? What do organizations need to do better?
Report Snap Shot
In 76% of tech sector engagements, penetration testers were able to compromise at least one username and password combination.