Penetration Test - Planning and Scoping(1)
PLANNING AND SCOPING
-
Get Permission
-
Know how much work you have to do
- Don‘t do more than that
-
Watch out for scope creep
PLANNING A PEN TEST
-
Penetration Testing Execution Standard
-
Each section of a pen test is important
-
Each step is important
-
Don‘t skip steps
- You might miss an exploit
- You might scope the test improperly
-
Lots of options in each step
-
Each pen test often conducted differently
-
Easy to waste time and effort
- Experience helps avoid this
-
Project management skills are important here.
QUICK REVIEW
- Above all else, get written permission
- Clearly define the scope to avoid scope creep
- Project management skills will help keep pen tests on the track