Penetration Testing
A guide for business and IT managers
By (author) Nick Furneaux, Jims Marchang, Rob Ellis, Jason Charalambous, Moinuddin Zaki, Peter Taylor, Roderick Douglas, Felix Ryan, Ceri Charlton, Gemma Moore, Tylor Robinson, Sharif Gardner Edited by James Hayes
Publication date: 11 Sep 2019
Penetration testing is the attempt to professionally break in to an organisation's systems by exploiting any vulnerabilities, with the goal of determining whether an organisation's IT systems and resources are secure. As hackers and would-be cyber attackers become increasingly more brazen, penetration testing has become an essential practice. This BCS guide for business and IT managers, developed in collaboration with CREST, explains the process of penetration testing and the benefits it brings. With contributions from practising penetration testers and information security experts, the book brings together a wide range of expertise, insight, and tips for setting up a penetration testing programme, maintaining it, and responding to the results of penetration tests.Dimensions: 244x170mm
Print ISBN-13: 9781780174082
Ebook ISBN-13: 9781780174105
172 pages
Imprint: BCS, The Chartered Institute for IT
- What is penetration testing?
- Successful penetration testing: an overview
- Regulatory management for penetration testing
- Embedding penetration testing within organisational security policies and procedures
- Outcome-led and intelligence-led penetration testing
- Scoping a penetration test
- Penetration test coverage and simulating the threat
- Building organisational capability for penetration testing
- Commissioning penetration tests
- Selecting tools for penetration testing
- Good practice for penetration testing
- Role and coverage of reporting
- Interpretation and application of report outcomes
- Acting on penetration test results
Peter Wood FBCS CITP CISSP M.Inst.ISP
Partner, Naturally Cyber LLP and Founder, First Base Technologies LLP
Denis Onuoha
CISO, Arqiva
Robert J. Lockwood MSc, CISSP, CISM
Director, Fusion Cell
Dave Hay
Software Engineer, IBM Cloud Hyper Protect Services