» Penetration Testing

Qué es? como se realiza?

En unos dias, en castellano, & by me

Introduction: What is a penetration testing?

A penetration test is the process of actively evaluating your information security measures. There are a number of ways that this can be undertaken, but the most common procedure is that the security measures are actively analysed for design weaknesses, technical flaws and vulnerabilities; the results are then delivered comprehensively in a report, to Executive, Management and Technical audiences.

Why penetration testing: Why would you want it?

There are several reasons why organisations choose to perform a penetration test; they range from technical to commercial but the most common are:

* Identify the threats facing your organisation's information assets so that you can quantify your information risk and provide adequate information security expenditure.
* Reduce your organisation's IT security costs and provide a better return on IT security investment (ROSI) by identifying and resolving vulnerabilities and weaknesses. These may be known vulnerabilities in the underlying technologies or weaknesses in the design or implementation.
* Provide your organisation with assurance - a thorough and comprehensive assessment of organisational security covering policy, procedure, design and implementation. Penetration Testing
* Gain and maintain certification to an industry regulation (BS7799, HIPAA etc).
* Adopt best practice by conforming to legal and industry regulations.