You are previewing Procuring Penetration Testing Services.
O'Reilly logo
Procuring Penetration Testing Services

Book Description

Organisations like yours have the evolving task of securing complex IT environments whilst delivering their business and brand objectives. The threat to key systems is ever increasing and the probability of a security weakness being accidentally exposed or maliciously exploited needs to be continually assessed – such as via a penetration test – to ensure that the level of risk is at an acceptable level to the business.

A penetration test involves the use of a variety of manual and automated techniques to simulate an attack on an organisation’s information security arrangements – either from malicious outsiders or your own staff. Undertaking a series of penetration tests will help test your security arrangements and identify improvements. When carried out and reported properly, a penetration test can give you knowledge of nearly all of your technical security weaknesses and provide you with the information and support required to remove or reduce those vulnerabilities. Research has shown that there are also other significant benefits to your organisation through effective penetration testing, which can include:

  • A reduction in your ICT costs over the long term
  • Improvements in the technical environment, reducing support calls
  • Greater levels of confidence in the security of your IT environments
  • Increased awareness of the need for appropriate technical controls