We recently caught up with Adrian Furtuna, Founder of Pentest-Tools.com, and he told us he started his business because he wanted to be able to automate penetration testing so he could focus on the engagement aspect of its relations with its customers.
Private Internet Access: What motivated you to start your business?
Adrien Furtuna: About seven years ago I was working as a full time penetration tester for one of the Big Four companies. Since I was doing a lot of manual work, I thought a lot of it could be automated, so as a pen tester I could focus on more interesting work. In penetration testing, some parts of the job can be automated, but others not. I figured I could make a much better use of my time by focusing on the parts of engagement that can’t be automated and leaving the other parts to certain tools to do the work for me. So this is the main reason why I launched the Pentest-Tools, which currently have the main objective of making the life of a penetration tester much simpler and more efficient.
PIA: What do you like about working in cybersecurity?
A F: I love working in cybersecurity because every day has a new challenge. Every day there are new vulnerabilities and new attacks. It is a very dynamic field. And it’s also very stimulating and interesting. In cybersecurity, you can’t be bored if you love the field.
PIA: Tell me what your business does.
A F: Pentest-Tools.com creates an online platform for penetration testers that helps them perform penetration testing much easier and more efficiently than the traditional manual method. In the platform we have several tools which are divided into categories for Discovery, Web Vulnerability Analysis, Network Vulnerability Analysis and Exploitation.
Recently we have developed a new tool in the operating section of which we are very proud, Sniper, which automatically exploits the latest and most critical vulnerabilities that affect widely used software. You can think of this tool as an automated Metasploit. It is very useful to see which targets are vulnerable at a glance. Then it automatically exploits them in order to see the vulnerability risk to your customer so that they can act on it immediately or to postpone the patch if it’s not as critical as typical vulnerability scanners say.
Besides the tools, we have a lot of features in the platform also to make the penetration testing work more efficient. We have a module that allows you to create easy to use reports, automation functions and scheduling options. You can continuously monitor a set of assets. We have a full-fledged platform that can be used to perform end-to-end penetration testing.
PIA: Why do individuals and businesses need a good VPN?
A F: A good VPN should provide both of these. You use a VPN to encrypt your communication and avoid being intercepted by man-in-the-middle attacks.
PIA: What do you think are the worst cyber threats that exist today?
A F: Everyone is talking about ransomware. But we also have to consider the human behavior that allows these attacks.
PIA: How is the pandemic changing cybersecurity for the future?
A F: There has been a change in the working aspects of the employees. Employees primarily work from home, so network and systems security has evolved from corporate security to home security. System administrators now have to worry about ensuring that employees have very strong endpoint solutions for protection and also increasing their employees’ security awareness so that they are not easily attacked. If they do, employees who work from home will become the network entry point and attackers could gain access to the corporate network.