Description
Taylor & Francis The Ethical Hack (Pb) by James S Tiller
The Ethical Hack: A Framework for Business Value Penetration Testing explains the methodologies, framework, and "unwritten conventions" that ethical hacks should employ to provide the maximum value to organizations that want to harden their security. This book is unique in that it goes beyond the technical aspects of penetration testing to address the processes and rules of engagement required for successful tests. It examines testing from a strategic perspective, shedding light on how testing ramifications affect an entire organization.

Critical issues emphasized in The Ethical Hack and nowhere else:

· A focus on methodology over technology. Hacker tools and techniques are relatively well known, so this book instead explains how to apply the information derived from them toward the hardening of organizational security.
· Interpretation of results. The author recommends expert integration of testing results into security practice, which is surprisingly uncommon.
· Protecting the innocent. This book provides the framework for protecting security professionals and confidential information during testing.
· Politics and processes. The text highlights the need for proper communications, expectations, and metrics before testing.
· Testing procedures. The book is unique in connecting reconnaissance, data collection, vulnerability analysis, exploitation, analysis, and other testing components to overall business objectives.