Irregular Expressions

Aug 28 2012   11:26PM GMT

Pen Testing

Dan O'Connor Dan O'Connor Profile: Dan O'Connor

I find it strange that physical pen testing and digital seem to have some sort of impenetrable wall between them when I talk with people. I know when doing a pen test you have your scope of what is off limits and how far you are supposed to go. These limits can be business based, maybe on critical systems that cannot experience down time no matter when. Or even cost based that there is only so much in the cookie jar for this project.

Pen testing is great but I think you need to be careful on what your are testing, is it the ability to make a scope to satisfy the stake holders and prevent system down time ( Don’t think that I am saying to disregard this ) or test the ability of the network to withstand penetration?

Also if you are do a pen test why not include a physical aspect? Maybe walk in the front door as the delivery man? Maybe not do it on the first day, case out the place. Do a little research find someone going on vacation you can use as a mark. I know it’s a little hard when you work there but is something to get you thinking of the non-main line ideas you can pull.

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: