5Planning for a Controlled Attack
At this point, we have investigated the various elements of information security. We have discussed common models of addressing security, the business of addressing security, and how exploiting vulnerabilities can have an impact on the value of the test based on the beliefs within the organization.
Using these discussions as a foundation, we move into planning for an attack. All too often, integral components of a test are not contemplated before unleashing the invasion. It is necessary to contemplate discrete inborn attributes common to all forms of testing before you can expect any value from the engagement. To accomplish this we discuss each area in an effort to help you determine what aspects will have ...
Get CISO's Guide to Penetration Testing now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.