Penetration Testing

Print Friendly, PDF & Email

Sometimes called “pen testing” for short, penetration testing is a method of evaluating the security of a computer system or network by simulating an attack in order to find vulnerabilities that a malicious attacker could exploit.

Attackers could be malicious outsiders (who do not have an authorized means of accessing the organization’s systems) and malicious insiders (who have some level of authorized access). Both have to be accounted for.

Penetration testing is an evolving area of IT security practice.

Some sources of information about penetration testing and the types of tests that can be performed are:

Assuring Adequate Testing

Some IT security practitioners have estimated that up to 80 per cent of penetration testers do not perform adequate tests, while charging top dollar for their services.

This can only happen to you if you fail to include these five critical test planning and execution actions:

1. Account for the interests of your stakeholders
2. Develop testing goals and specific results requirements
3. Establish a clearly written scope for testing
4. Define the testing rules of engagement
5. Include a 3rd party review of test plans and test results

Success in Testing: Clearly Actionable Results

You don’t have to be a testing expert, or even a computer or network technologist, to get an effective penetration test with actionable results that allow you to improve systems and network security per your actual risk picture.
You just need to make sure that someone on the test team can provide you with plain language insight into the testing process, and that together you verify that the five actions listed above are getting accomplished.

Assistance with Testing

RBCS can provide you with assistance in test planning, assembling a test team, assuring adequate testing, and reviewing plans and results. We can also provide you with fully qualified testing resources.

Call us to review your need and see if we can help: (949) 831-6788.