Chapter 19
Managing Security Processes
IN THIS CHAPTER
Automating tasks
Watching for misbehavior
Outsourcing your security testing
Keeping security on everyone’s mind
Information security is an ongoing process that you must manage effectively over time to be successful. This management goes beyond periodically applying patches and hardening systems. Performing your security tests repeatedly is critical; security vulnerabilities emerge continually. To put it another way, security tests are a snapshot of your overall information security, so you have to perform your tests continually to keep up with the latest issues. Ongoing diligence is required not only for compliance with various laws and regulations, but also for minimizing business risks related to your information systems.
Automating the Security Assessment Process
You can run a large portion of the following security tests in this book automatically:
- Ping sweeps and port scans to show what systems are available and what’s running (a big oversight that’s often the beginning of larger security problems).
- Password ...
Get Hacking For Dummies, 6th Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.