cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted
Newcomer I

Penetration Testing and Ethical Hacking

Good Morning,

 

We are reviewing our organization's information security posture, and we have a few questions that we would like to pose to the group:

 

1) What activities does your organization engage in for the areas of penetration testing and/or ethical hacking?

 

2) Which of these activities do you consider valuable (and would recommend), and what key risks are associated with implementing them?

 

3) Are there other activities in these areas that you hope to implement in the future?

 

We appreciate any feedback (if your feedback is too sensitive for posting, we'd be happy to email or setup a call, etc.).

 

Thanks!

 

-Ed

4 Replies
Highlighted
Community Champion

Re: Penetration Testing and Ethical Hacking

@EdSkinner1    Try this consolidated link via OWASP and OSSTMM, NIST-800-115 etc:

 

https://owasp.org/www-project-web-security-testing-guide/latest/3-The_OWASP_Testing_Framework/1-Pene...

 

This should give you a good grounding and a baseline to determine what you want from Ethical Penetration Testing services and for contractual purposes and measurement.

 

Regards

 

Caute_Cautim

Tags (3)
Highlighted
Advocate III

Re: Penetration Testing and Ethical Hacking

@EdSkinner1 

My former employer did a lot of research on and use of phishing attacks. My core advice on using phishing attacks as part of your EH set is to make sure it is set up as a training experience for the employees, and not a gotcha jump on them.

Also, make darn sure you pay special attention to targeting your whales. 

 

Good luck,

 

Craig

 

D. Cragin Shelton, DSc
Dr.Cragin@iCloud.com
https://CraginS.blogspot.com/
My Community Profile
My LinkedIn Profile
href="Not Passing a Cert Exam is Not the Same as Failing" target="new";;https://cragins.blogspot.com/2018/08/pass-rates-for-professional-exams.html
Highlighted
Newcomer I

Re: Penetration Testing and Ethical Hacking

Thanks!

Highlighted
Newcomer I

Re: Penetration Testing and Ethical Hacking

Thanks!