Comprehensive penetration testing can contribute to the security conversation by suggesting organizations prioritize cybersecurity controls that will offer optimal risk remediation against exploits hackers will attempt. Penetration tests, which may include unauthenticated and authenticated tests, should encompass technical, physical, and human tests, alone and combined, revealing specific cascading sequences of exploits and kill-chains.
BPM Partner David Trepp discusses in a recent SC Magazine article how organizations can get the most out of pen tests.
Read the full article on the SC Magazine website.
About David Trepp
An avid technologist since he discovered programmable HP calculators in the 1970s, David Trepp has been a technology entrepreneur for over 30 years. David’s led thousands of information security penetration test engagements for satisfied customers across all major industries throughout the United States and abroad. He has given dozens of presentations to audiences nationwide, on a variety of information security topics. David has worked in information security with commercial, healthcare, government, financial, utility, law enforcement, and nonprofit organizations since 1998.
About BPM’s Information Security Assessment Services
BPM’s Information Security Assessment Services Group understands how to balance information security and business needs. The Firm performs a variety of tests and reviews, including the Comprehensive Penetration Test and Information Security Program Review, to identify vulnerabilities in a client’s Information Technology infrastructure, allowing companies to make well-educated decisions on where to best allocate resources. Learn more about BPM’s Information Security Assessment Services.