Premium Content

Access "The penetration tester is alive and well"

Published: 18 Oct 2012

The malingering debate over the viability and lifespan of penetration testing as an art form and penetration testers as a species is getting tiresome. Tiresome because those doing the arguing generally confuse terms, juxtapose vulnerability management with pen-testing, and generally don't understand what white-hats do during an enterprise poke-and-probe. Let's get it straight once and for all: Pen-testing is not dead. Some vendors and expert types would like you to believe that and will try some Jedi mind-tricks to convince you -- for only a second, hopefully -- that you can, for example, automate penetration testing. You can't. Automated scans are great and are the center spoke of vulnerability management programs. They help with asset discovery and generally are good at telling you what machines are lacking which patches and if you've got a cockeyed configuration or two. But that's not a pen-test, and too many companies are confounding that as a pen-test. Pen-tests are conducted by people who are contracted to infiltrate your organization and hammer away ... Access >>>

Access TechTarget
Premium Content for Free.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

What's Inside

Features

More Premium Content Accessible For Free

  • Strategies for a successful data protection program
    data_protection_2014.png
    E-Handbook

    Deploying data protection technologies properly requires a lot of time and patience. While most firms can get started by using preconfigured policies...

  • Devices, data and how enterprise mobile management reconciles the two
    ISM_supp_1014.png
    E-Zine

    The bring your own device (BYOD) movement, which has flooded the enterprise with employee-owned smartphones, tablets, phablets and purse-sized ...

  • Putting security on auto-pilot: What works, what doesn't
    security_auto-pilot.png
    E-Handbook

    For so long penetration testing meant hiring an expert to use skill and savvy to try to infiltrate the company system. But, as with most ...