This is the second in a series of posts looking at the current state of pen testing as I see it and presenting some ideas for the future. Part one is available here. In this post I will explore some of the issues I see in pen testing, it’s something…
Category: Testing
Making sense of pen testing, part one
This is the first in a series of posts looking at the current state of pen testing as I see it and presenting some ideas for the future. In this post I will apply a framework to understanding the process of pen testing. In the next post here I discuss…
How to develop a security test strategy, part three
This is the third in a series of posts describing how to put together a security testing stategy and the associated test plans. Part one is here and part two is here. This is what I want to see covered in security test plans. Whenever I ask the supplier to…
How to develop a security test strategy, part two
This is the second in a series of posts describing how to put together a security testing stategy and the associated test plans. Part one is here and part three is here. What do you need to write a security test plan? The folowing documents comprise the list of what…
How to develop a security test strategy, part one
This is the first of a series of posts describing how to put together a security testing strategy and the associated test plans. Part two is here and part three is here. What is a security test strategy A security test strategy is a key document deliverable to get into…