PROACTIVE RISK
  • About
    • 800 lb Gorilla
    • Our Manifesto
    • Simple Agreements >
      • Mutual Confidentiality and Non Disclosure Agreement
      • Master Agreement | Work Order
    • BLOG
    • Capabilities Summary
    • Request Support
    • Contact Us
  • SOLUTIONS
    • Fractional CIO/CISO
    • Cyber Recruiter
    • Threat Modeling
    • Policies and Plans
    • MonitorIT®
    • Software Development
    • Domains | DNS
    • PhishIT®
    • MeasureRISK®
    • Vendor Risk
    • CATSCAN®
    • Physical Security
    • Backup Resiliency
    • ProtectIT®
    • ManageIT®
    • FINDIT® >
      • RAPTOR eDiscovery
  • RESOURCES
    • Tech News
    • Videos
    • Store
    • Guides | Tools
    • STAFF

GRAY BEARD BLOG

SHARING RANDOM THOUGHTS ON TECH

proactive security testing

2/23/2023

Comments

 
Conducting a comprehensive cyber security penetration test assessment for a commercial business involves asking a wide range of questions to ensure that all potential vulnerabilities and weaknesses are identified and addressed. Here are some key questions to ask when conducting a penetration test assessment for a commercial business:
  1. What are the critical assets defined by the business.
  2. What are the potential attack vectors that a malicious actor could use to gain access to these critical assets?
  3. What are the current security controls in place, and have they been validated?
  4. Are there any vulnerabilities in the system that have already been identified by your own internal vulnerability assessment?
  5. How are employee accounts and privileges managed. 
  6. How are software and hardware updates managed. 
  7. What unique protocols, ports or services exist.
  8. How are backups managed, and are they regularly tested and validated?
  9. Are there any third-party vendors or partners with access to the system, and how are they managed from a security perspective?
  10. What are the key business functions that could be impacted by a successful cyber attack, and what is the potential impact to the business in terms of financial, reputational, or legal risks?
By asking these and other related questions, a cyber security professional can gain a comprehensive understanding of the organization's current security posture and identify areas that need to be improved.

If you would like to measure your security we invite you to learn more about CATSCAN
Comments

    Tom Brennan

    This is my blog, there are many like it but this one is mine. Enjoy.

    View my profile on LinkedIn

    BLOG Archives

    March 2023
    February 2023
    January 2023
    December 2022
    November 2022
    August 2022
    April 2022
    August 2021
    March 2021
    January 2021
    August 2020

    Categories

    All
    CMMC
    COMMUNITY
    TECHTIP

    RSS Feed

Contact Info

Proactive Risk Inc.
Tel: +1 (973) 298-1160
Web: www.proactiverisk.com
eMail: sales(at)proactiverisk.com

CONTACT US
Picture
© COPYRIGHT 2023. ALL RIGHTS RESERVED.
  • About
    • 800 lb Gorilla
    • Our Manifesto
    • Simple Agreements >
      • Mutual Confidentiality and Non Disclosure Agreement
      • Master Agreement | Work Order
    • BLOG
    • Capabilities Summary
    • Request Support
    • Contact Us
  • SOLUTIONS
    • Fractional CIO/CISO
    • Cyber Recruiter
    • Threat Modeling
    • Policies and Plans
    • MonitorIT®
    • Software Development
    • Domains | DNS
    • PhishIT®
    • MeasureRISK®
    • Vendor Risk
    • CATSCAN®
    • Physical Security
    • Backup Resiliency
    • ProtectIT®
    • ManageIT®
    • FINDIT® >
      • RAPTOR eDiscovery
  • RESOURCES
    • Tech News
    • Videos
    • Store
    • Guides | Tools
    • STAFF