Understanding Penetration Testing for Evaluating Vulnerabilities and Enhancing Cyber Security
In response to the increasing incidence of cyber-attacks, organizations are prioritizing security testing for their software applications and products. Among the most effective methods for identifying vulnerabilities is penetration testing, which involves simulated attacks on systems to uncover weaknesses that could be exploited by malicious actors. This method not only aids in identifying and remediating security flaws but also evaluates a system's ability to withstand unexpected threats. This paper provides an in-depth exploration of penetration testing, detailing its stages, methodologies, and the role of web application firewalls. A penetration test systematically assesses the security of IT infrastructures by exploiting vulnerabilities in systems, applications, and user behaviours. The findings from these tests are essential for IT management, guiding strategic decisions and prioritizing remediation efforts. Ultimately, the primary aim of penetration testing is to evaluate the risk of a system breach and its potential impact on organizational resources and operations.