Premium Content

Access "Viewpoint: What if you can't afford pen-testing?"

Published: 22 Oct 2012

Pen Testing Pluses While I agree with Bruce Schneier and Marcus Ranum on the lack of benefit in paying someone to do penetration testing (Face-Off, March 2007), I completely disagree that it doesn't have value if you have the expertise--or at least willingness, patience and time--to do it yourself. This is something they don't address. I'm constantly doing pen testing in my network using several tools, and it's for several reasons: Security and vulnerability assessment of critical applications and servers. Penetration is not just for immediate patch needs. Pen testing shows me the flow of my environment and helps classify types of traffic. By pen testing and understanding what I face now, I can better understand how to avoid those same things in the future. Clarification of threats--while you should know your network, that is not always the case. There will always be something out there that either wasn't in your control, or isn't in your realm of expertise. Defining threats and where to look for them on your network saves time for those who don't live and ... Access >>>

Access TechTarget
Premium Content for Free.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

What's Inside

  • Columns
    • Hacker demonstrates targeted attack

      Hacker Robert Hansen, also known as RSnake, demonstrates the pains cybercriminals take to target specific organizations and individuals through an exercise posted on his blog, which targeted the head of Google's spam team. Hansen's exercise underscores the threat companies face from today's organized and patient cybercriminals.

    • Fight cybercrime by understanding a hacker's mind and attack motive

      Computer crime laws and security policies aren't enough to combat increasingly sophisticated cybercrime. Understanding the criminal mind and a hacker's motive can help an organization determine what assets are most valuable and better distribute security resources.

    • Interview: PayPal CISO Michael Barrett

      PayPal's 133 million online customers are the biggest ocean for phishers to plunder. CISO Michael Barrett wants to make it safe to be in the water, and he's not going at it alone. Backed by PayPal's sophisticated fraud models and help from ISPs, Barrett is succeeding in protecting the most-spoofed brand on the Internet.

    • Bruce Schneier and Marcus Ranum debate whether a 'Big Brother' watches today's information society

      Is today's information society anything like the Big Brother world envisioned by George Orwell in his book 1984? Bruce Schneier and Marcus Ranum debate the topic.

More Premium Content Accessible For Free