The 8 Phases of Cyber Security Testing

Unlike the previous post: The 5 Phases Of Hacking. This procedure mostly resonates with cybersecurity professionals and/or ethical hackers.

1. SCOPING

Determining the rules of engagement for the assessment.

2. Reconnaissance

Also known as Information Gathering. Gather Relevant information and enumerate the attack surface.

3. Vulnerability Assessment

Also known as Scanning and Enumeration. Identify vulnerabilities and quantify risk associated.

4. Penetration Test

Also known as Exploitation or Gaining Access. Pop some shells. Exploit identified vulnerabilities.

5. Lateral Movement

Maintain access, pivot and find more data and assets.

6. Artifact Collection/Destruction

Clean users, software, logs, and files used throughout assessment.

7. Reporting/Debriefing

Prepare and Write Report. Communicate test results and remediation steps with client.

8. Securing

Start the remediation process. Secure the vulnerabilities found according to client’s go ahead.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.