O'Reilly logo

Hacking For Dummies® 3rd Edition by Kevin Beaver

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 18. Managing Security Changes

In This Chapter

  • Automating tasks

  • Watching for misbehavior

  • Outsourcing testing

  • Keeping security on everyone's mind

Information security is an ongoing process that you must manage effectively to be successful. This goes beyond periodically applying patches and hardening systems. Performing your ethical hacking tests repeatedly is critical; information security threats and vulnerabilities emerge constantly. Additionally, ethical hacking tests are just a snapshot of your overall information security, so you have to perform your tests continually to keep up with the latest security issues. Ongoing vigilance is not only required for compliance with various laws and regulations but also for minimizing business risks related to your information systems.

Automating the Ethical Hacking Process

You can run a large portion of the ethical hacking tests in this book automatically if you have the right tools:

  • Ping sweeps and port scans to show what systems are available and what's running

  • Password-cracking tests to attempt access to external Web applications, remote access servers, and so on

  • Vulnerability scans to check for missing patches, misconfigurations, and exploitable holes

  • Exploitation of vulnerabilities (to an extent, at least)

Note

You must have the right tools to automate tests:

  • Some commercial tools can set up ongoing assessments and create nice reports for you without any hands-on intervention — just a little setup and scheduling time up front. This is why ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required