Penetration Testing

A guide for business and IT managers

By (author) Nick Furneaux, Dr Jims Marchang, Rob Ellis, Jason Charalambous, Moinuddin Zaki, Peter Taylor, Roderick Douglas, Felix Ryan, Ceri Charlton, Gemma Moore, Tylor Robinson, Sharif Gardner

Edited by James Hayes

Publication date: 30 Aug 2019

Penetration testing is the methodology of professionally attempting to break into an organisation's systems by exploiting any vulnerabilities, with the goal of determining whether an organisation's computer systems are secure. As hackers and would-be cyber attackers become more brazen, the importance of penetration testing cannot be stressed highly enough. This essential BCS guide for business and IT managers, in collaboration with CREST, explains the process of penetration testing and the benefits it brings. With contributions from practising penetration testers and information security experts, the book brings together a wide range of expertise, insight, and tips for setting up a penetration testing programme, maintaining it, and responding to the results of penetration tests.
Paperback - £29.99
The BCS-CREST penetration testing working group are all penetration testing experts from across the security industry. From university lecturers specialising in information security, to penetration testers and consultants, to information security managers, they all have insight to share on preparing, carrying out, and responding to penetration testing.

Dimensions: 244x170mm

Print ISBN-13: 9781780174082

150 pages

Imprint: BCS, The Chartered Institute for IT

  1. What is penetration testing?
  2. Successful penetration testing: an overview
  3. Regulatory management for penetration testing
  4. Embedding penetration testing within organisational security policies and procedures
  5. Outcome-led and intelligence-led penetration testing
  6. Scoping a penetration test
  7. Penetration test coverage and simulating the threat
  8. Building organisational capability for penetration testing
  9. Commissioning penetration tests
  10. Selecting tools for penetration testing
  11. Good practice for penetration testing
  12. Role and coverage of reporting
  13. Interpretation and application of report outcomes
  14. Acting on penetration test results