ITIL rules in the UK, whereas the German Federal Bureau of Information Security is, IMHO, the greatest and easiest system to put into action. The Germans live and breathe data protection – these guys are the ones to follow.
Penetration Methodology – The Visual Guide
The Bureau have adopted some BSI guides…
Just draw circles around each box, so that the outline of the Penetration Test is scoped within 2 minutes. Easy, right, when we work in visual mode?
Just get a pen and put a circle around the level of aggressiveness and scope, and you’re halfway there. It’s literally that simple. The devil may be in the detail, but with diagrams and visual guides it’s easy to get agreement.
Tools such as Nmap can be customised to be less aggressive than the default. Whereas T4 is the default scan, perhaps a T1 or T2 scan…