Penetration Testing and Vulnerability Assessments: A Professional Approach

Konstantinos Xynos, Andrew Blyth, Iain Sutherland, Huw Read, Emlyn Everitt

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution


Attacks against computer systems and the data contained within these systems are becoming increasingly frequent and ever more sophisticated. So-called “zero-day” exploits can be purchased on black markets and Advanced Persistent Threats (APTs) can lead to exfiltration of data over extended periods. Organisations wishing to ensure security of their systems may look towards adopting appropriate measures to protect themselves against potential security breaches. One such measure is to hire the services of penetration testers (or “pen-testers”) to find vulnerabilities present in the organisation’s network, and provide recommendations as to how best to mitigate such risks. This paper discusses the definition and role of the modern pen-tester and summarises current standards and professional qualifications in the UK. The paper further identifies issues arising from pen-testers, highlighting differences between what is generally expected of their role in industry and what is demanded by professional qualifications.
Original language: English
Number of pages: 7
Status: Published - 23 August 2010
Event: 2010 International Cyber Resilience Conference - Perth Western Australia
Duration: 23 August 2010 to 23 August 2010


Conference: 2010 International Cyber Resilience Conference
