Phase 8
Security Testing
Security testing is a key component of the security professional’s duties. Attackers are becoming more sophisticated every day; therefore, security professionals are required to scan systems and networks to look for vulnerabilities. Security-testing tools can examine internal or external systems. Some of these tools are free, whereas others require you to pay an annual subscription.
Security-testing tools are not perfect. Any given tool can produce false positives or negatives, or simply wreak havoc on your network if not used correctly. You need to plan on using these tools at the appropriate times. You should also have a remediation plan in place to address any discovered problems.
What makes these tools so useful ...