- The organization needs to validate its security stance for either personal or regulatory reasons.
- Many different types of tests are available from a variety sources. Knowing which tests to select and how to perform them can sometimes be confusing.
- This solution set will help the enterprise understand the difference between the various types of tests, how to select a provider, and how to get usable results from an analysis.
Our Advice
Hypothesis
- Enterprises invest considerable time, money, and effort to provide an appropriate security capability; however, without proper testing, the effectiveness of the security investment cannot be determined.
- A number of different testing types exist, which provide various insights into the overall security stance of the enterprise.
- Organizations need to build a comprehensive testing program that serves the dual role of proving security and discovering shortfalls.