In This Chapter
Developing assessment and test strategies
Performing vulnerability assessments, penetration testing, and more
Implementing management and operational controls
Understanding test outputs
Working with auditors
In this chapter, you learn about the various tools and techniques that security professionals use to continually assess and validate an organization’s security environment.
Modern security threats are rapidly and constantly evolving. Likewise, an organization’s systems, applications, networks, services, and users (collectively, these can be thought of as vulnerabilities and risks) are rapidly and constantly evolving. Thus, it is critical that organizations develop an effective strategy to regularly test, evaluate, and adapt their security environment to reduce the risk of successful attacks.
Organizations need to implement a proactive assessment and test strategy for both ...