Chapter 21

Ten Reasons Hacking Is the Only Effective Way to Test

Approaching your security testing from the perspective of ethical hacking is not just for fun or show. For numerous business reasons, it’s the only effective way to find the security vulnerabilities that matter in your organization.

The Bad Guys Think Bad Thoughts, Use Good Tools, and Develop New Methods

If you’re going to keep up with external attackers and malicious insiders, you have to stay current on the latest attack methods and tools that they’re using. I cover some of the latest tricks, techniques, and tools throughout this book.

IT Governance and Compliance Are More than High-Level Checklist Audits

With all the government and industry regulations in place, your business likely doesn’t have a choice in the matter. You have to address security. The problem is that being compliant with these laws and regulations doesn’t automatically mean your network and information are secure. The Payment Card Industry Data Security Standard (PCI DSS) comes to mind here. Countless businesses run their vulnerability scans and answer their self-assessment questionnaires, assuming that’s all they need to manage their information security programs. You have to take off the checklist audit blinders and move from a compliance-centric approach to a threat-centric approach. Using the tools and techniques covered in this book enables you to dig deeper into your business’s true vulnerabilities.

Hacking ...

Get Hacking For Dummies, 5th Edition now with the O’Reilly learning platform.
