Duration:
1 day
Audience:
Appsec and product managers, developers, risk managers, security assurance managers

Penetration Test

This awareness session clarifies what is a penetration test (or pentest) and when it makes sense to use one.

In this session, you will learn that a pentest is not a silver-bullet solution. You will know the different types of pentest, understand how and when to use them to maximise security and reduce your costs.

Note that there is no hacking nor programming involved.

Objectives:

  • Understand the different “flavours” of a penetration test, or security assessment.
  • Know when to perform a penetration test
  • Express the security requirements for a penetration test
  • Manage a penetration test and its risks on the operational environment
  • Understand the results of a penetration test
  • Integrate the results of a penetration test to improve your security

Programme:

  • What is a pentest?
  • The different types of pentests
    • Application, Mobile, Network, Hardware, Social engineering, source code review, physical, social engineering
    • The difference between “red team” and penetration test
  • Is a pentest relavant?
    • When to do a pentest
    • When NOT to do a pentest
    • White box vs Black box
    • In production vs Test environment
    • Third-party provider vs internal team
  • Managing a pentest
    • Defining the requirements
    • Setting up the environment
    • Ensuring a successful test
    • Integrate the results of a penetration test
  • Next steps
    • How to gain benefits from multiple pentests
    • What to do beyond a security assessment

To receive a quote or to register, please contact us.