By: Jennia Hizver, Consulting Practice Security Researcher and Consultant, AT&T
INTRO: Penetration tests are valuable for several reasons:
Over the years of my career as a penetration tester,
I have encountered many myths and misconceptions regarding penetration testing, some of which I’d like to share with you:
Myth #1: Vulnerability scanning can identify all vulnerabilities in an organization’s environment, and hence, penetration tests are unnecessary.
Myth #2: Professional penetration testers use expensive commercial tools.
Myth #3: One system compromise has no effect on other systems.
Myth #4: Penetration testing focuses on production networks containing sensitive data.
Myth #5: Penetration testers use the same approach and are likely to uncover the same issues.