- Web Penetration Testing with Kali Linux(Third Edition)
- Gilberto Najera Gutierrez Juned Ahmed Ansari
- 150字
- 2021-06-24 18:44:50
Status meeting and reports
Communication is key for a successful penetration test. Regular meetings should be scheduled between the testing team and the client organization and routine status reports issued by the testing team. The testing team should present how far they have reached and what vulnerabilities have been found up to that point. The client organization should also confirm whether their detection systems have triggered any alerts resulting from the penetration attempt. If a web server is being tested and a WAF was deployed, it should have logged and blocked attack attempts. As a best practice, the testing team should also document the time when the test was conducted. This will help the security team in correlating the logs with the penetration tests.
WAFs work by analyzing the HTTP/HTTPS traffic between clients and servers, and they are capable of detecting and blocking the most common attacks on web applications.
推薦閱讀
- 發布!設計與部署穩定的分布式系統(第2版)
- Extending Puppet
- 竹林蹊徑:深入淺出windows驅動開發
- 嵌入式實時操作系統μC/OS原理與實踐
- 突破平面3ds Max動畫設計與制作
- Mastering Reactive JavaScript
- VMware Horizon View Essentials
- Distributed Computing with Go
- Linux系統最佳實踐工具:命令行技術
- Linux軟件管理平臺設計與實現
- 從零開始學安裝與重裝系統
- μC/OS-III內核實現與應用開發實戰指南:基于STM32
- Learn Quantum Computing with Python and IBM Quantum Experience
- SQL Server on Azure Virtual Machines
- Windows10開發入門經典