Penetration Testing
Added on 2023-03-31
8 Pages1625 Words478 Views
Running head: PENETRATION TESTING
PENETRATION TESTING
Name of the Student:
Name of the University:
Author Note:
PENETRATION TESTING
Name of the Student:
Name of the University:
Author Note:
1PENETRATION TESTING
Table of Contents
Introduction................................................................................................................................2
Discussion..................................................................................................................................2
Penetration testing methodologies.........................................................................................2
Standard Operating Procedure or SOP...................................................................................3
Conclusion..................................................................................................................................4
References..................................................................................................................................5
Appendix....................................................................................................................................7
Decision tree...........................................................................................................................7
Table of Contents
Introduction................................................................................................................................2
Discussion..................................................................................................................................2
Penetration testing methodologies.........................................................................................2
Standard Operating Procedure or SOP...................................................................................3
Conclusion..................................................................................................................................4
References..................................................................................................................................5
Appendix....................................................................................................................................7
Decision tree...........................................................................................................................7
2PENETRATION TESTING
Introduction
The number of cyber-attacks have increased in the last few years and it has adversely
affected both governments and businesses. This has increased the need for developing
security technologies such as improved web security measures, improved security protocols
and antiviruses. The number of cybersecurity agencies and companies have also increased
around the world with an increased focus on cyber security. Penetration testing is one of the
most commonly used security measure. This method is mainly used to test the defence
quality of security measures or software installed in organisation and perform vulnerability
analysis on them.
This approach is used so that the vulnerabilities in the systems can be detected earlier
so that they can be rectified before an actual attack takes place. The most important part of
penetration testing is to analyse the situation and establish a high quality solid method or
framework according to the type of the organisation and its needs. The assessment of the
infrastructure plays a vital role in this testing. A well designed and properly executed
penetration testing can be used to effectively detect flaws and improve the system.
Discussion
Penetration testing methodologies
The most widely used penetration testing methodologies are discussed below:
1. OSSTMM: This is an open source methodology that was first used in 2000 to test system
securities. It was developed by the Institute of Security and Open Methodologies. This
framework includes many different channels and modules. OSSTMM is a type of auditing
method and is not a complete one. This method is used in corporate offices and industries to
satisfy the requirements of regulation.
2. ISSAF: This method is an open source, peer reviewed penetration testing framework that
was developed by the Open Information Security Group. The framework is a complete
framework which includes multiple different methodologies and can be used for all types of
possible penetration testing tests.
3. OWASP: This methodology is non-profit which is designed for increasing the security of
software. This includes many types of different testing methods, testing tools and guides that
are designed for cyber security software. It comes with an open license and is mainly used for
Introduction
The number of cyber-attacks have increased in the last few years and it has adversely
affected both governments and businesses. This has increased the need for developing
security technologies such as improved web security measures, improved security protocols
and antiviruses. The number of cybersecurity agencies and companies have also increased
around the world with an increased focus on cyber security. Penetration testing is one of the
most commonly used security measure. This method is mainly used to test the defence
quality of security measures or software installed in organisation and perform vulnerability
analysis on them.
This approach is used so that the vulnerabilities in the systems can be detected earlier
so that they can be rectified before an actual attack takes place. The most important part of
penetration testing is to analyse the situation and establish a high quality solid method or
framework according to the type of the organisation and its needs. The assessment of the
infrastructure plays a vital role in this testing. A well designed and properly executed
penetration testing can be used to effectively detect flaws and improve the system.
Discussion
Penetration testing methodologies
The most widely used penetration testing methodologies are discussed below:
1. OSSTMM: This is an open source methodology that was first used in 2000 to test system
securities. It was developed by the Institute of Security and Open Methodologies. This
framework includes many different channels and modules. OSSTMM is a type of auditing
method and is not a complete one. This method is used in corporate offices and industries to
satisfy the requirements of regulation.
2. ISSAF: This method is an open source, peer reviewed penetration testing framework that
was developed by the Open Information Security Group. The framework is a complete
framework which includes multiple different methodologies and can be used for all types of
possible penetration testing tests.
3. OWASP: This methodology is non-profit which is designed for increasing the security of
software. This includes many types of different testing methods, testing tools and guides that
are designed for cyber security software. It comes with an open license and is mainly used for
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
What is penetration testing? | What is pen testing?lg...
|10
|2053
|53
Standard Operating Procedure for Penetration Testinglg...
|11
|1708
|256
The Differences between OSSTMM and PTESlg...
|7
|1101
|60
Assignment - Penetration Testinglg...
|12
|2834
|28
Penetration Testing Reportlg...
|16
|2973
|89
Penetration Testing Penetration Testinglg...
|52
|9148
|85