The conduct of an external/internal vulnerability assessment and penetration testing of applications and network can be initiated wherein there is a limit in the knowledge assessment and testing performed at the front-end level (website).
The testing does not require knowledge of underlying code base or application architecture. Only authentication information for the internal testing would be required. This is called “Black Box” which is similar to the hacker’s point of view because usually they don’t have all the information about your network.
When the client provides complete information about the applications and networks this is called “White Box”, in between that is called “Grey Box”.
The amount of information needed will be based on our clients’ needs and wishes as discussed in Bitshield’s initial information gathering and scoping of the project.
www.bitshieldsecurity.com
www.bitshieldsecurity.com
No comments:
Post a Comment