PRO+ Premium Content/Information Security

Thank you for joining!
Access your Pro+ Content below.
July/August 2012

How to pen test: Why you need an internal security pen testing program

In today's complex security landscape, new threats are emerging on a regular basis, and we have more vulnerabilities than ever before. As part of a sound security program, most mature security teams have developed a vulnerability management program that includes network and application scanning, patching, and risk assessment. However, many organizations are now asking themselves if it's time to take these programs to the next level by adding penetration testing capabilities into the mix. For many reasons, ranging from compliance mandates to improved vulnerability and threat intelligence, the answer should be a resounding "yes." Yet there's often some confusion on how best to approach pen testing, what kinds of skills are needed, the tools to use, how often to do it, and what the process should look like in general. We'll clarify best practices for security pen testing and explain how to build an internal testing program and measure its success. Why you need an internal pen testing team There are many reasons why organizations ...

Access this PRO+ Content for Free!

Features in this issue

Columns in this issue