As mentioned throughout this book, the value of penetration testing is realized when used in conjunction with threat modeling and as part of an overall risk assessment process to make risk mitigation strategies more efficient and cost-effective. This is effectively the return on investment (ROI) for penetration testing. No organization has unlimited resources, so defensive measures must be prioritized to be most effective and efficient in defense and cost.
Many people confuse the terms remediation and mitigation and often use them interchangeably, not knowing the difference. But they are not quite ...
Get Hacking Exposed Industrial Control Systems: ICS and SCADA Security Secrets & Solutions now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.