401 Reading 41 - marsecguy/reading-notes-cyberops GitHub Wiki

Pentesting: Reconnaissance

1. How are the stages of a pen test very similar to those of the Cyber Kill Chain?

   • In essence, pen testing is application of the cyber kill chain without the malicious payloads and in a controlled environment. They both begin with reconnaissance and attempt to gain access to the system and establish persistence.

2. Your manager has asked you to explain the benefits of a pentest to the company’s leadership. How would you lead this conversation?

   • I would lead off by telling leadership that paying for us to find and close security gaps is much cheaper than an attacker finding and exploiting those gaps before we know they exist. The combined damage of the direct losses from an attack and lost revenue through shut-downs and loss of clients could cost many times more than developing a pen test program.

Source: Imperva