In This Chapter

Automating tasks

Watching for misbehavior

Outsourcing your security testing

Keeping security on everyone’s mind

Information security is an ongoing process that you must manage effectively to be successful. This management goes beyond periodically applying patches and hardening systems. Performing your security tests repeatedly is critical; information security vulnerabilities emerge constantly. To put it another way, security tests are just a snapshot of your overall information security, so you have to perform your tests continually to keep up with the latest issues. Ongoing vigilance is required not only for compliance with various laws and regulations but also for minimizing business risks related to your information systems.

Automating the Ethical Hacking Process

You can run a large portion of the following ethical hacking tests in this book automatically:

• Ping sweeps and port scans to show what systems are available and what’s running
• Password cracking tests to attempt access to external web applications, remote access ...