CHOOSING A SUITABLE SUPPLIER

Organisations can carry out penetration testing themselves, sometimes very successfully. More often they will decide to employ the services of one or more specialist third party penetration testing providers.

Findings from the research project indicated that the main reasons why organisations hire external suppliers are because these suppliers can:

  1. Provide more experienced, dedicated technical staff who understand how to carry out penetration tests effectively, using a structured process and plan;
  2. Perform an independent assessment of their security arrangements;
  3. Carry out a full range of testing (eg black, white or grey box; internal or external infrastructure or web application; source code review; and social engineering); ...

Get Procuring Penetration Testing Services now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.