Penetration Testing Methodology – The Visual Guide – German Federal Bureau of Information Security

University of South Wales: Information Security & Privacy

ITIL rules in the UK, whereas the German Federal Bureau of Information Security is, IMHO, the greatest and easiest system to put into action. The Germans live and breathe data protection – these guys are the ones to follow.

https://www.bsi.bund.de/EN/Publications/publications_node.html

Penetration Methodology – The Visual Guide

The Bureau have adopted some BSI guides…

https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publications/Studies/Penetration/penetration_pdf

[Figure: pen method 1]

Just draw circles around each box, so that the outline of the Penetration Test is scoped within 2 minutes. Easy, right, when we work in visual mode?

[Figure: pen method 2]

Just get a pen and put a circle around the level of aggressiveness and scope, and you’re halfway there. It’s literally that simple. The devil may be in the detail, but with diagrams and visual guides it’s easy to get agreement.

Aggressiveness

Tools such as Nmap can be customised to be less aggressive than the default. Whereas T4 is the default scan, perhaps a T1 or T2 scan…
