Ethical Hacking Process Plan for the Organizations
Ethical Hacking Process Plan
Before an ethical hacker can begin testing, they must create a plan. For example, they should:
- Identify any and all networks they will test
- Detail the testing interval
- Detail the testing process
- Create their plan and then share it with stakeholders
- Get the plan approved
Ethical hacking has a variety of uses on the primary and secondary levels.
The primary uses include:
- Quality assurance by using information technology security analysis
- Compliance documentation with respect to legal regulations, standards and parameters
- Supporting arguments for information technology activities and projects in the future
- Prevention to provide for indirect and direct cost savings as time goes on
- Know-how transfer
- Building awareness at all levels
In essence, the primary and secondary uses correspond to the questions that ethical hacking answers. These include:
- Do the technical measures put into place in the company adhere to legal requirements?
- Are any necessary patches up to date, and/or is the firewall correctly configured?
- Is the e-shop or mail server properly protected against potential attacks?
- Does the external service provider deliver on all of its promises?
- Have all necessary and possible security measures been put into place?
- Is home office access to the company’s network adequately secure?
- Is protection against malicious code, such as denial-of-service tools, Trojans, and viruses, adequate?
- Are there any “illegal” installations or are all of the company’s systems set up in conformance with the standards?
The ethical hackers must sign the required agreement to ensure legal compliance during and after the hacking.
Disclaimer: The article/post is posted with the purpose of sharing knowledge and information. The article may contain references or content from other informative sources.
Researched/Authored/Compiled by Ronak Shah [Practice Head- Software Testing (QA), CIGNEX Datamatics]
About the author: Ronak Shah is a well-known Software Quality Strategist and the man behind the delivery of hundreds of “quality” software solutions worldwide to enterprises, including Fortune Global 500 companies. He is proficient in setting up, developing and managing an independent Software Testing (QA) practice/department from scratch in organizations, with strong capabilities in team building, competence building, and CMMi process design and implementation. His leadership and management skills have won him many prestigious awards, recognitions and accolades from various organizations and esteemed clients for his outstanding performance, value-added contributions and expert knowledge in “all types of software testing”. Ronak Shah (National Software Testing Topper Rank-1 as per TechGig.com, Geek Challenge Winner on ZDNet.com) can be reached at email@example.com.