Executive's Guide to Essential Penetration Testing Techniques

Executive's Guide to Essential Penetration Testing Techniques

One of the foundational ideas behind penetration or pen testing is that to understand how hackers break into corporate systems, it makes sense to hire someone with the same skillset to do just that. Penetration testers, though, go far beyond scanning systems for malware or finding vulnerable network ports. Instead, they're applying battle-proven techniques that have been used in "the wild". A pen testing team is skilled at understanding the mindset of attackers and will recreate attack plans reconnaissance, credential gathering, and privilege escalation to test their clients' defenses and find the weak points.

While there is something of a dark side mystique about pen testing, it actually fits solidly into traditional compliance standards, such as NIST 800 53, PCI DSS, ISO 27000, and more. It's really part of the risk assessment controls found in these standards.

In this whitepaper, we go through essential penetration testing techniques you should be aware of, if you want to do it effectively.