Procurement Best Practices

Procuring the services of an outside consulting firm or vendor to conduct an objective risk and vulnerability assessment is not an easy task. This is especially true if the assessment is to be intrusive or nonintrusive.

Many organizations desire a rigorous risk and vulnerability assessment that includes the use of tools to find and uncover risks, threats, and vulnerabilities on a production network. This type of intrusive assessment means that the assessor will utilize tools and monitor the IT infrastructure during production hours when tests will be conducted. Some organizations demand that a nonintrusive risk and vulnerability assessment be conducted given the sensitivity and nature of their production systems and ...

Excerpt from Inside Network Security Assessment: Guarding Your IT Infrastructure.