7 Questions to Ask Your Pen-Testing Vendor

In recent months, data breaches and unsecured data stories concerning major companies have dominated the news – so what can businesses do to protect themselves?

A penetration test, also known as a pen test, is a simulated cyber attack against your computer system to check for exploitable vulnerabilities. In the context of web application security, penetration testing is commonly used to augment a web application firewall (WAF).

Pen testing can involve the attempted breaching of any number of application systems (e.g., application programming interfaces (APIs), frontend/backend servers) to uncover vulnerabilities, such as unsanitized inputs that are susceptible to code injection attacks.

Insights provided by the penetration test can be used to fine-tune your WAF security policies and patch detected vulnerabilities.

We’ve put together 7 essential questions you should ask any potential penetration testing vendor.


“The key to success is in putting in multiple layers of defence, such as strong encryption of the credentials, limiting the number of records that can be read in a given timeframe.”

Deeper and multilayered defences make it harder for attackers to get to your data, even if you were compromised.
