Procuring Penetration Testing Services

Procuring Penetration Testing Services

by CREST
Released May 2014
Publisher(s): IT Governance Publishing
ISBN: 9781849285759

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Book description

Organisations like yours have the evolving task of securing complex IT environments whilst delivering their business and brand objectives. The threat to key systems is ever increasing and the probability of a security weakness being accidentally exposed or maliciously exploited needs to be continually assessed – such as via a penetration test – to ensure that the level of risk is at an acceptable level to the business.

A penetration test involves the use of a variety of manual and automated techniques to simulate an attack on an organisation’s information security arrangements – either from malicious outsiders or your own staff. Undertaking a series of penetration tests will help test your security arrangements and identify improvements. When carried out and reported properly, a penetration test can give you knowledge of nearly all of your technical security weaknesses and provide you with the information and support required to remove or reduce those vulnerabilities. Research has shown that there are also other significant benefits to your organisation through effective penetration testing, which can include:

  • A reduction in your ICT costs over the long term
  • Improvements in the technical environment, reducing support calls
  • Greater levels of confidence in the security of your IT environments
  • Increased awareness of the need for appropriate technical controls
    •

    Product information

    • Title: Procuring Penetration Testing Services
    • Author(s): CREST
    • Release date: May 2014
    • Publisher(s): IT Governance Publishing
    • ISBN: 9781849285759