Developing Penetration Test Programs

It is important to remember that Penetration Testing is done on mobile devices, technology in airplanes and boats and so much more than just infrastructure associated with networks.

The reality is there are many reasons for conducting a penetration test. Aside from the obvious of seeing if your infrastructure is impenetrable, there is also the added value of finding out where you have weaknesses before an ‘attacker” does.

There are two main approaches to penetration testing.

  1. External – Can anyone get into my infrastructure from outside of the organization.
  2. Internal – Can my employees gain access to areas they are unauthorized to access. Even elevating their access credentials.

Both are important, but a tester must know which one they are testing to be beneficial.

Redmond Worldwide ensures that we understand the clients main concerns. Is it the network, systems, applications or other?

Preparation is key to a great penetration test.

  1. What are you testing?
  2. Internal or External testing?
  3. A clear understanding of the expected areas to cover. Specifically what servers, etc.
  4. Detailed notes outlining a Statement of Work
  5. Approvals
  6. Etc

Contact Redmond Worldwide for more information.


© 2005 - Redmond Worldwide, Inc. All rights reserved. Site Map | Disclaimer
Left Menu Icon
Redmond Worldwide