This is the third in a series of posts describing how to put together a security testing stategy and the associated test plans. Part one is here and part two is here. This is what I want to see covered in security test plans. Whenever I ask the supplier to…
Month: May 2011
How to develop a security test strategy, part two
This is the second in a series of posts describing how to put together a security testing stategy and the associated test plans. Part one is here and part three is here. What do you need to write a security test plan? The folowing documents comprise the list of what…
How to develop a security test strategy, part one
This is the first of a series of posts describing how to put together a security testing strategy and the associated test plans. Part two is here and part three is here. What is a security test strategy A security test strategy is a key document deliverable to get into…
What I need from pen test reports.
I get a lot of pen test reports to read. They vary from beautifully crafted prose extolling the skilled exploitation of the system by security testing artistes to functional dumps of tool output into a word format by jobbing vulnerability scanners. Usually I read that report once, I use the…