From the course: Security Testing Essential Training
Join today to access over 25,500 courses taught by industry experts.
Penetration tests
From the course: Security Testing Essential Training
Penetration tests
- [Instructor] And after decades of performing all of these different types of assessments for a wide variety of clients, I found that the penetration test is the pinnacle of a security assessment. When conducting those other assessments, you're collecting information with the goal of identifying weaknesses that an attacker might exploit to damage an organization. But during a penetration test, you attempt to actively exploit those weaknesses yourselves. I'm an advocate of using the output from these other assessments when scoping your penetration test. The insights from those other assessments can provide pentesters with ideas on which systems and processes to target, and how to go about attacking them. But this all depends on the client's preferences. There are different penetration testing models that cater to different preferences. Take white box penetration testing. This refers to an engagement where the client provides the pentester with a considerable amount of internal…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Contents
-
-
-
Language is important2m 22s
-
(Locked)
Risk assessments2m 19s
-
(Locked)
Calculating risk score3m 19s
-
(Locked)
Security controls assessments2m 6s
-
(Locked)
NIST and ISO4m 7s
-
(Locked)
Compliance assessments2m 57s
-
(Locked)
Vulnerability assessments3m 23s
-
(Locked)
Penetration tests2m 45s
-
(Locked)
Goals of a pen test2m 4s
-
(Locked)
The security assessment lifecycle3m 32s
-
-
-
-
-
-
-
-