8 BUILDING ORGANISATIONAL CAPABILITY FOR PENETRATION TESTING
This chapter discusses how organisations can go about developing the capacity to arrange to have penetration tests performed and the different ways in which this can be approached. In particular, it explores the relative strengths and weaknesses of performing this service with ‘in-house’ resources, using external resources or using a combination of both.
IN-HOUSE PENETRATION TESTING COMPARED WITH THIRD-PARTY PENETRATION TESTING
There are similarities and differences between ‘in-house’ and ‘third-party’ testing. In this section I elaborate on what exactly is meant by these terms.
‘In-house’ penetration testing is generally taken to mean that the penetration test has been ...
Get Penetration Testing now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.