One thought on “How does Computer One conduct penetration testing?”
Arti says:
(Outside the network simulates a motivated external party, while inside the network simulates a disgruntled employee). Broadly, we deliver two types of pen test: Automated, where we scan a network for known vulnerabilities and analyse how they might be chained together to execute a successful exploit, and Manual, where we take the automated scan and attempt to attack the network from inside or outside the organisation. Ideally, your organisation should perform penetration testing once a year. Leaving it more than 12 months means a few aspects of your network can be considered positively ancient by the time they are next tested. Why? Because your network attack surface changes every year, new attack methods are added to the attackers’ arsenal and new, uneducated staff are exposed to attack.
(Outside the network simulates a motivated external party, while inside the network simulates a disgruntled employee). Broadly, we deliver two types of pen test: Automated, where we scan a network for known vulnerabilities and analyse how they might be chained together to execute a successful exploit, and Manual, where we take the automated scan and attempt to attack the network from inside or outside the organisation. Ideally, your organisation should perform penetration testing once a year. Leaving it more than 12 months means a few aspects of your network can be considered positively ancient by the time they are next tested. Why? Because your network attack surface changes every year, new attack methods are added to the attackers’ arsenal and new, uneducated staff are exposed to attack.