Description
The Objective of a penetration test is a pro-active approach to validate and test security controls in a manner that resembles a cyber-attack, allowing you to understand vulnerable areas within your environment
By Performing regular penetration testing the following can be addressed:
• Test your security controls
• Identify vulnerabilities
• Maintain Compliance
• Enforce a Security Strategy
An external black-box penetration test is to harden the perimeter of your environment (firewall, VPN, etc.) as well as any external services that may be exposed to the internet (e.g. cloud infrastructure, DMZ services like email). The Testers are not provided with any architecture diagrams or source code that is not publicly available, there is also no knowledge of the target system. They are placed in the role of the hacker(ethical) Steps Involved: *Intelligence Gathering *Vulnerability Analysis *Exploitation * Post- Exploitation * Reporting
