Penetration Testing Best Practices
Test the effectiveness of your security controls against a real world threat.
Overview
In this guide, you’ll learn everything you need to know about penetration testing.
This section features articles that will help guide your business towards selecting a vendor to ensure penetration testing best practices are followed.
Get Started
Recent Articles
- Why Automation Is The Future Of Penetration Testing
- Continuous Penetration Testing: How To Lower Costs & Improve Security
- What Is Cloud Penetration Testing? (& When Do You Need It?)
- How To Create & Implement A Penetration Testing Policy
- White Box Penetration Testing: When Do You Need One?
- View All Articles
Categories
Policy Templates
Recent Articles:
Why Automation Is The Future Of Penetration Testing
Automated penetration testing is a vulnerability scanning technique that uses software to find security vulnerabilities in networks, cloud infrastructure, websites, and web and mobile applications.
Continuous Penetration Testing: How To Lower Costs & Improve Security
There are many definitions of continuous penetration testing. At PurpleSec, we believe conducting a penetration test at least quarterly means you’re continuously assessing your security posture.
What Is Cloud Penetration Testing? (& When Do You Need It?)
Cloud Penetration Testing is the process of detecting and exploiting security vulnerabilities by simulating a controlled cyber attack on cloud-native systems, where the cloud infrastructure’s security posture is assessed.
How To Create & Implement A Penetration Testing Policy
A penetration testing policy is a set of formalized guidelines, requirements, and standard operating procedures that serve to define the overall goals, expectations, limits, and methods.
White Box Penetration Testing
You may need to conduct a white box penetration test if you want to evaluate your application security, wireless security, infrastructure, network security, or physical security in an assumed breach scenario.
Black Box Penetration Testing
You may need to conduct a black box penetration test if you want to evaluate your application security, wireless security, infrastructure, network security, or physical security in a scenario closest to a real-life attack.
Different Types Of Penetration Testing
There are a number of types of pen tests that can be performed and understanding the type is critical to a business’s security success.
Privilege Escalation Attacks: Types, Examples, And Prevention
Privilege escalation attacks exploit weaknesses and security vulnerabilities with the goal of elevating access to a network, applications, and mission-critical systems.
Firewall Penetration Testing: Steps, Methods, & Tools
There are 13 steps to firewall penetration testing, which include locating the firewall, conducting tracerroute, scanning ports, banner grabbing…
Penetration Testing Methodologies: 4 Step Framework
The 4 main steps in the penetration testing methodology include planning and preparation, scan / assessment, exploitation and data exfiltration, and reporting, cleanup, and destruction of artifacts.
How To Perform A Successful Network Penetration Test
Performing a successful network penetration test includes information gathering and understanding client expectations, reconnaissance and discovery, performing the penetration test, and reporting on recommendations and remediation.
Social Engineering Penetration Testing: Attacks, Methods, & Steps
Social engineering penetration testing focuses on people and processes and the vulnerabilities associated with them.
How To Perform A Wireless Penetration Test
Wireless penetration testing is comprised of six main steps including reconnaissance, identifying wireless networks, vulnerability research, exploitation, reporting, and remediation.
13 Physical Penetration Testing Methods (That Actually Work)
Physical penetration testing exposes weaknesses in physical security controls with the goal of strengthening a business’s security posture.
Web Application Penetration Testing: Steps, Methods, & Tools
Web application penetration tests are performed primarily to maintain secure software code development throughout its lifecycle.
Internal Vs External Penetration Testing
What’s an internet and external pen test? Which one do I need and what’s more important? We explain.
