Penetration Testing

A guide for business and IT managers

By (author) Nick Furneaux, Dr Jims Marchang, Rob Ellis, Jason Charalambous, Moinuddin Zaki, Peter Taylor, Roderick Douglas, Felix Ryan, Ceri Charlton, Gemma Moore, Tylor Robinson, Sharif Gardner Edited by James Hayes

Publication date: 31 Jul 2019

Penetration testing is the methodology of professionally attempting to break in to an organisation's systems by exploiting any vulnerabilities, with the goal of determining whether an organisation's computer systems are secure. As hackers and would-be cyber attackers become more brazen, the importance of penetration testing cannot be stressed highly enough. This essential BCS guide for business and IT managers, in collaboration with CREST, explains the process of penetration testing and the benefits it brings. With contributions from practising penetration testers, information security experts and CREST, the book brings together a wide range of expertise, insight, and tips for setting up a penetration testing programme, maintaining it, and responding to the results of penetration tests.
Paperback - £29.99
The BCS-CREST penetration testing working group are all penetration testing experts from across the security industry. From university lecturers specialising in information security, to penetration testers and consultants, to information security managers, they all have insight to share on preparing, carrying out, and responding to penetration testing.

Dimensions: 244x170mm

Print ISBN-13: 9781780174082

140 pages

Imprint: BCS, The Chartered Institute for IT

  • Introduction: What Is Penetration Testing?
  • Groundwork For Successful Penetration Testing
  • Regulatory Management For Penetration Testing
  • Outcome- and Intelligence-led Penetration Testing
  • Scoping A Penetration Test
  • Selecting Tools and Techniques
  • Penetration Test Coverage and Simulating The Threat
  • Penetration Testing Exercises and Good Practice
  • Commissioning Penetration Tests
  • Building Organisational Capability
  • Embedding Penetration Testing Within Organisational Security Policies and Procedures
  • Role and Coverage of Reporting
  • Interpretation and Application of Report Outcomes
  • Acting On Penetration Testing Results - Remediation and Continuous Improvement¬†