Current methodologies of information systems penetration testing focus mainly on a high-level and technical description of the testing process. Unfortunately, there is no methodology focused primarily on the management of these tests. This often results in tests that are badly planned and managed, and in found vulnerabilities being remediated unsystematically. The goal of this article is to present a new methodology called PETA, which is focused mainly on the management of penetration tests. Development of this methodology was based on a comparative analysis of current methodologies. The new methodology incorporates current best practices of IT governance and project management, represented by COBIT and PRINCE2 principles. The presented methodology has been quantitatively evaluated.
A review of the book The Art of Deception by Kevin Mitnick, which presents social engineering as a tool that is today a full-fledged complement to the technically based means in the arsenal of those who breach information security. Unlike those means, however, it does not become outdated as quickly, so a look at its fundamentals from one of the most famous hackers is still current and has informational value not only for security practitioners but also for ordinary users, whom the issues discussed undoubtedly concern.