State of Network Security Assessments


Infact, we’ve heard that companies does vulnerability and penetration testing on their corporate infrastructures.

What do you think of the IT Managers way of handling with these results and/or executive summary

1. Does their any action taken with these results

2. Does the system owners /business owners know how to remediate the fixes/finding available in the VA reports

Most of the companies do not react to any of those reports and still continue to run their infrastructure vulnerable. The prime reason for this is lack of knowledge and discipline

So, What is required to remediate the findings

1. Temporary Project Team

2. Engagement & Operating Model

3. Communication & Status Reporting

4. Creating Risk Aware culture

Do you need help, please write to me

Advertisements

2 thoughts on “State of Network Security Assessments

  1. Even though if you execute those 4 steps, do you think that it will be effective? I doubt. Still, the people won’t respond. The best solution I can suggest is to form a small white hat hacker team (can be same/separate Pen-test team) and exploit those vulnerabilities. Publish those in internal company websites/blogs. Let the owners aware of those exploits and see whether they respond or not.

    Like

Comments are closed.