Академический Документы
Профессиональный Документы
Культура Документы
Penetration Testing
By: Michael Lassiter Jr. (@EthicalMJPen)
Vulnerability Assessment
Vulnerability Assessment:
• Is the assessment of a system to determine if it has vulnerabilities or
weaknesses that need to be resolved or patched.
• Is also known as a security audit.
• Can be performed by one person or a team of vulnerability researchers or
security engineers.
• Is often known as a flaw or weakness that could be exploited by an outside
attacker or compromised by internal personnel.
• Is necessary because many organizations, companies, and health facilities are
required to meet certain compliance.
• HIPPA regulations are important so that health facilities hire the services
of pen testers in order to meet compliance with vulnerability assessment
being a great portion of the service.
• Penetration testing usually falls under three categories: Black Box, Gray Box,
and White Box.
• Black Box does not include any knowledge of the structure of the system,
so this type of testing simulates the approach of an outside attacker.
• Gray Box includes only a limited knowledge of the layout of the target.
• White Box testing occurs when a penetration tester has complete
knowledge of the layout of the target(s).