![](https://blog.deurainfosec.com/wp-content/uploads/2019/08/PenTesting.jpg)
12 desirable reasons why an organization should carry out a penetration test:
- Assess potential business and operational impacts of successful attacks and determine the feasibility of a particular set of attack vectors.
- Identify higher-risk vulnerabilities resulting from lower-risk vulnerabilities exploited in a particular way.
- To comply with security regulations or standards, e.g. ISO 27001, NIST CSF, NIST 800-171, HIPAA, PCI DSS or the EU GDPR.
- To ensure the security of new applications or significant changes to business processes.
- To manage the risks of using a greater number and variety of outsourced services.
- To assess the risk of critical data or systems being compromised by an incident.
- In preparation for any upcoming external audits, such as FFIEC audits performed by third-party providers.
- To determine the weaknesses in the infrastructure (hardware), application (software) and people in order to develop controls.
- To save remediation costs and reduce network downtime.
- To develop efficient security measures.
- Provide evidence to support increased investments in security personnel and technology.
- At the end of the day, it’s basic due diligence: find out about the vulnerability before someone else does.
I’ll Let Myself In: Tactics of Physical Pen Testers
#SANS Pen Test HackFest Summit
Penetration Testing Services Procurement Guide
Contact DISC InfoSec to discuss your information security assessment (pen test) requirements
Tags: #penetrationtesting #gdpr #pcidss #cybersecurity, #PenTest