No posts for a couple of weeks now - mainly as I was on holiday for one of them :-)
As a gentle way back in to the blogosphere, my latest column was in Computer Weekly this week and it can also be found on-line at:
http://www.computerweekly.com/Articles/2009/05/13/236008/security-zone-penetration-testing-define-your-objectives.htm
My main thrust in the article is that penetration testing should not always be the first option with respect to obtaining a realistic view of the actual implemented and operated security posture of an organisation. I am of course aware that there are situations where nothing other than a full-blooded pen test will be appropriate but there are other times where a simple configuration review will provide more bang per buck. I'm expecting a bit of a bashing over the definition I provided for penetration testing but what's the point of writing articles if you can't have a bit of fun!
About Me
- Lee
- I'm a cybersecurity chap, currently working as a Director for a global systems integrator. I've been working in [IT|Information|Cyber] Security since 1998 with major banks, systems integrators as well as two of the Big 4. This blog is for those thoughts and musings that reflect purely my own opinions and certainly not necessarily those of my employers!
No comments:
Post a Comment