Addressing the lack of knowledge around pen testing

2021-01-12 05:30

The waters are also muddied by a tendency to conflate pen testing with red teaming, which is both more expansive and more expensive.

Most organizations operate with tight security budgets and the human element of pen testing makes it notably more expensive than standard automated vulnerability scanning and management tools.

Pen testing is the next logical step, with a focus on finding more complex issues that are likely to be missed by initial scans.

The issues discovered through pen testing will often go beyond simple software updates and may require changes to operational processes and staff training.

Even if a large number of issues are unearthed, the pen testing team can help with prioritizing which to tackle first.

Ideally, regular pen testing should be scheduled as part of the organization's security strategy as it matures.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/tbKvWzi4Pw8/