informa
Slideshow

How to Run a Successful Penetration Test

These seven tips will help ensure a penetration test improves your organization's overall security posture.
Define the Organization's Goals
Set a Budget
Gather Information and Issue Initial RFPs
Set the Rules of Engagement
Determine a Plan for Follow-up
Pen Tests and Red Teaming Can Be Different
Decide Whether the company Has the 'Heart' for a Red Team Exercise
1/7

Penetration tests are an important part of any security program. Indeed, most companies in the Fortune 200 – maybe even the Fortune 2000 are well along in their security maturity model to include at least an annual pen tests, experts say.

Jim O'Gorman, chief content and strategy officer at Offensive Security, says the best pen tests are tailored to the company's goals, delivering actionable results that help it establish clearly identified next steps to continue improving their security.

"A tailored assessment ensures that what the assessment team looks into is what matters to your business," O'Gorman says. "It's really the difference between buying a product that's easy to deliver versus buying one that matches what your company needs to correctly improve its security posture."

Bottom line: It's not just about basic vulnerabilities. Pen tests should be for improving overall security posture. Anything less is not worth the time, effort, and money. 

Here are some tips to get you started.

 

 
Next slide
Recommended Reading: