Читать книгу Hacking For Dummies - Kevin Beaver - Страница 35

When you finish your security tests, you (or your client) will still need to implement your recommendations to make sure that the systems are secure. Otherwise, all the time, money, and effort spent on testing goes to waste. Sadly, I see this very scenario fairly often.

New security vulnerabilities continually appear. Information systems change and are becoming more complex. New security vulnerabilities and exploits are being uncovered. Vulnerability scanners and related testing tools get better. Security tests provide a snapshot of the security posture of your systems. At any time, everything can change, especially after you upgrade software, add computer systems, or apply patches. This situation underscores the need to keep your tools updated — before each use, if possible. Plan to test regularly and consistently (such as monthly, quarterly, or biannually). Chapter 19 covers managing security changes as you move forward.