SANS Analyst Report | Why the Pen Test Needs an Update

SANS Analyst Report | Why the Pen Test Needs an Update

Most mature security organizations perform some regular penetration testing by internal teams, consulting, or both. However, in today’s realm of fast-moving technology changes and complex on-premises and cloud infrastructure, performing regular pen tests can be challenging for a variety of reasons.

First, most teams rely on vulnerability scanning to locate assets and potential avenues of exploitation during pen tests—these can be disruptive and produce a lot of false positives. Vulnerability scanners are certainly important, but their usefulness in comprehensive pen testing can be somewhat limited. Secondly, manual pen tests are always somewhat of a “point in time” endeavor and may have limited value over a longer period of time. Fortunately, new technologies are emerging to help provide automated attack modeling and more consistent, repeatable pen tests that mimic real-world attack techniques.

Download this analyst report for more on what attributes pen tests need to keep up with the current digital landscape.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.