Network Security & Pen-Testing
Emulating the Bad Guys
A Penetration Test, or Pen Test, is the process of actively testing your organizations security measures by attempting to penetrate network security using a variety of measures. It is, in essence, hacking your organization in order to evaluate and harden the security measures already in place.
What is tested?
A penetration test will involve the systematic analysis of all the security measures in place. A full project should include some or all of the following areas, with the exact requirements usually being agreed in a formal scoping document prior to commencing (this list is provided courtesy of the OSSTMM):
| || |
After the completion of a penetration test the deliverables will included a detailed analysis of the methodology used to conduct the test, the results of the various attempts at compromise, as well as detailed documentation on remediation of any security flaws found.