Pentest - Remote vs On-site

Penetration tests, or pentests for short, can be carried out by an analyst on site or remotely. This article aims to explain the advantages and disadvantages of the 2 different options. Most types of penetration tests or red-teaming scenarios can be performed remotely, e.g. via a VPN connection or a hacking box. Some audits, such as those that follow a red teaming approach, are only possible with on-site interaction.

Advantages of the on-site Pentest

Slower Scans via VPN

If a customer "only" provides a VPN connection, some tests that belong to the low layer in the OSI/ISO model could be more time-consuming.

Smalltalk

Many customers appreciate having small talk with "the paid hacker" and looking over his shoulder while he works.

Flexible with Network Segmentation

If several network segmentations are in the scope of the penetration test, the pentester can flexibly change the physical networks on site.

Advantages of remote execution

Travel Costs

The major advantage of remote execution is that the customer saves on travel costs.

Hacking Box

The customer only has to physically insert the hardware box into the target network so that the pentester can dial into the box via the mobile network to gain full access to the respective network.

Accessibility

Nowadays, many test objects, such as cloud infrastructures, mobile apps or web applications, are also accessible without VPN, which greatly simplifies remote execution and should always be used here.

Summary and Recommendation

In summary, it can be said that both on-site and remote implementation have their advantages and disadvantages. The decision as to which option is better depends on the customer's individual requirements and circumstances. It is therefore advisable to check in advance which option is most suitable. As a rule, performing pentests remotely is more cost-effective with the same quality of results.