Читать книгу CompTIA Pentest+ Certification For Dummies - Glen E. Clarke - Страница 16

Internal staff

Оглавление

Many organizations opt to have their internal security staff perform penetration testing. This is a good idea as it will save money, but you must make sure there is no conflict of interest with the group performing the pentest. You must also make sure the people performing the pentest are qualified to conduct a pentest. (I discuss the qualifications needed by pentesters in “Qualified pentesters” later in this chapter.)

The members of the internal team performing the penetration test should not be part of the team who installed, configured, or manages the systems or networks being assessed. They should also not be the persons responsible for implementing the security of the systems, as that is a direct conflict of interest. A separate team should be dedicated to assessing security within the organization and performing the penetration tests.

Companies may also create separate internal teams — a red team and a blue team — to help assess the security of assets within the organization. The red team is an internal security group that performs attacks on company assets, such as a penetration test and social engineering attacks to validate whether there is enough protection on the company assets. The blue team is the internal security group within the company that is focused on protecting the assets. This includes monitoring the security controls, the intrusion detection systems, and the logs to protect the asset and identify when a security breach occurs. It is important to note that the red team’s job is to stay up-to-date on any new attack methods, while the blue team must be current on any new technologies used to protect assets from attacks. The red team and blue team should also meet regularly to update the other team on lessons learned so that both teams are fully aware of current attacks and mitigation strategies.

Penetration testing can be a costly affair, so having an internal team can save the company lots of money and allow for more regular pentests.

CompTIA Pentest+ Certification For Dummies

Подняться наверх