Tag Archives: penetration testing

Defence In Depth Penetration Testing

Never before has it been more important to think the unthinkable: what if an attack succeeds? (If you need some stats and arguments to persuade the Board of this, try this article of mine, of which this is a summary.) The solution to mitigate the threat of a successful attack is already very familiar to us all: defence in depth. But to what extent are those inner defences tested? What about a “second-level” penetration test, which would start from the assumption that a first-level defence has been bypassed? Continue reading