Your Yello Ring Road To Success
GOOGLE LOGIN MY ADS MY SHOP

Broadening the Scope: A Comprehensive View of Pen Testing

penetration testing cyber securitypenetration testing cyber security

Penetration tests have long been known as a critical security
tool that exposes security weaknesses through simulated attacks on
an organization’s IT environments. These test results can help
prioritize weaknesses, providing a road-map towards remediation.

However, the results are also capable of doing even more. They
identify and quantify security risk, and can be used as a keystone
in cybersecurity policies. The same can be said about broader
penetration
testing[1] practices.

Organizations gain real value from learning about others’
penetration testing experiences, trends, and the role they play in
today’s threat landscape.

The world of pen testing can be an interesting balance of open
collaboration and closely guarded privacy. While pen testers may
engage in teaming exercises, or happily talk technique when they
attend Black Hat, most organizations are extremely reluctant when
it comes to discussing their pen testing practices and results.

Of course, confidentiality and security should be kept top of
mind—sharing anything that puts data at risk defeats the point of
pen testing to begin with.

Further, publicizing security weaknesses does not help maintain
confidence in an organization’s ability to keep their customers’
information safe. However, there is still valuable data that can be
shared without divulging sensitive information.

For example, information about average pen testing team sizes
and testing frequency can help an organization determine if they
need additional resources. Learning about the different types of
tests being performed could help an organization determine its
testing priorities.

Data about how organizations are using pen testing tools may
help developers decide what new functionalities are needed. This
type of information would help penetration testing professionals
and organizations develop a better idea of today’s expectations,
practices, and challenges at a broader level, so they can continue
to improve and innovate the field.

With this in mind, Core Security is launching the 2020 Penetration
Testing Survey[2]. Core Security, a
HelpSystems Company, has seen and been a part of the evolution of
penetration testing over the years and is dedicated to its
continued advancement and growth.

If you are involved in pen testing in your organization, we want
to hear from you. By participating, you will be joining a community
of like-minded cybersecurity experts in discussing ethical hacking
program effectiveness and the resources required to deploy
them.

Want to take part in this anonymous survey that will provide
foundational research findings on pen testing? Take the
survey[3].

References

  1. ^
    penetration testing
    (www.coresecurity.com)
  2. ^
    2020 Penetration Testing Survey
    (www.surveymonkey.com)
  3. ^
    Take the survey
    (www.surveymonkey.com)

Read more