What is Penetration Testing and Reverse Engineering?

Written By Todd Mitchell

Reverse Engineering allows a programmer to deconstruct software by taking it apart and seeing how the logical sequence occurred inside the coding. This is often used in methods to avoid encryption of anti-piracy solutions (Bosworth, Kabay, & Whyne, 2014).  Penetration testing is a form of information gathering and vulnerability analysis (Weidman, 2014).

Penetration testing is used by a company to determine its cybersecurity posture, usually for self-analysis of possible exploits that threaten the system. The difference is that DCMA allows reverse engineering, but it was not intended to let programmers circumvent technical protection measures to gain unauthorized access (Bosworth, Kabay, & Whyne, 2014).

The difference between reverse engineering and penetration testing is that penetration testing is requested by the owner of a system to help make it more secure. Whereas, reverse engineering is used to gain unauthorized access. Companies rarely resort to reverse engineering their own systems.

In a Board of Governors Report Submitted to the Florida Legislature and Governor in  December 2013 the Governor detailed a plan for the Florida Center for Cybersecurity and a $30 million dollar grant to have University of South Florida (USF) host it.  This measure is academia’s answer to fill that talent gap.

References:

Bosworth, S., Kabay, M., & Whyne, E. (2014). Computer Seurity Handbook (6th ed., p. 42.17). Hoboken: John Wiley & Sons.

Florida Board of Governors. (2013). Florida center for cybersecurity. Retrieved from http://www.usf.edu/pdfs/final-cybersecurity-report.pdf

Weidman, G. (2014).  Penetration Testing: A Hands-On Introduction to Hacking. (pp. 1-2). San Francisco, CA: No Starch Press.

Todd Mitchell
Previous

Are there any Cybersecurity Education Programs?
Next

Is “Bring Your Own Device” to work legal?