A study on penetration testing process and tools
| Autor: | Babak D. Beheshti, Hessa Mohammed Zaher Al Shebli |
|---|---|
| Rok vydání: | 2018 |
| Předmět: |
business.industry
Process (engineering) Corporate governance 020206 networking & telecommunications 030206 dentistry 02 engineering and technology Penetration test 03 medical and health sciences 0302 clinical medicine Risk analysis (engineering) Penetration (warfare) Information technology management 0202 electrical engineering electronic engineering information engineering Professional ethics Technological advance business |
| Zdroj: | 2018 IEEE Long Island Systems, Applications and Technology Conference (LISAT). |
| DOI: | 10.1109/lisat.2018.8378035 |
| Popis: | Information is more vulnerable than ever; and every technological advance raises new security threat that requires new security solutions. Penetration testing is conducted to evaluate the security of an IT infrastructure by safely exposing its vulnerabilities. It also helps in assessing the efficiency of the defense mechanisms tools and policy in place. The Penetration testing is conducted regularly to identify risks and manage them to achieve higher security standards. In this paper we discuss the importance of penetration testing, factors and components considered while conducting a penetration test, we present a survey of tools and procedures followed, role of penetration test while implementing in the IT governance in an organisation and finally the professional ethics to be possessed by the team involved in penetration test. |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|