A penetration test is a traditional solution to evaluate and improve the robustness of an ICT system. This test is fully general, but some problems arise when deciding how to use its results to select the countermeasures against a successful penetration. These problems may explain the successful attacks against systems that successfully passed this test. We offer some theoretical explanations of the weaknesses of a penetration test and suggest some alternatives.
Avoiding the weaknesses of a penetration test
Fabrizio Baiardi
In corso di stampa
Abstract
A penetration test is a traditional solution to evaluate and improve the robustness of an ICT system. This test is fully general, but some problems arise when deciding how to use its results to select the countermeasures against a successful penetration. These problems may explain the successful attacks against systems that successfully passed this test. We offer some theoretical explanations of the weaknesses of a penetration test and suggest some alternatives.File in questo prodotto:
Non ci sono file associati a questo prodotto.
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
