Posts

Showing posts with the label Penetration Testing

What Makes a Security Plan?

      Hello, and welcome back to my blog. This week, I would like to quickly discuss the levels that go into making a security plan. These types of plans are an important tool for IT departments and Cybersecurity Administrators to design a plan that will help protect or slow down an attack on the network.     Of course, security plans can vary from company to company; however, their purpose remains the same, with threats looming every day. With IT managers adjusting in response to the ever-changing threats, the created security plan must be designed to stop or slow down any attempt to breach network defenses. Below we will look at the principal components of a security plan and what they entail.    Separate Networks              As the name suggests, having more than one network can protect company assists from hackers and the like. The reason being is that having every computer on one network would lead to issues if that subsequent work were to fail, which would stop operati

What is Penetration Testing?

Hello, and welcome to my blog!   This week, I will be discussing the topic of penetration testing and what it means for cybersecurity.   So, you may be wondering what penetration testing is and what is its purpose? Penetration testing, also known as pen testing, is a simulated cyberattack against a computer system to check for exploitable vulnerabilities. Pen testing is used to breach several applications, such as application protocol interfaces (APIs), and front-end/back-end servers. It can also be used to fine-tune the web application firewall (WAF). Pen the testing process can be broken down into five stages.   Planning and reconnaissance , which includes defining the scope and goals of the test, the systems to be addressed, the testing methods to be used, and intelligence gathering.   Scanning , which is to understand how the target application will respond to various intrusion attempts. This includes:   ·         Static analysis  – Inspecting an application’s