Penetration Testing mailing list archives
Re: IT Audit vs Pen-Test
From: Jovon Itwaru <jovon.itwaru () gmail com>
Date: Fri, 25 Mar 2011 11:57:12 -0400
Usually an audit results in a pass or fail. The assessment is based upon standards or other measurements such as NIST, OWASP, OCTAVE, etc.. Many times, the assessment gets the network, application, or system(s) ready for an audit. Thanks, Jovon On Mar 25, 2011, at 9:26 AM, cribbar wrote:
Hi All, Excuse my ignorance, but what is the difference between an IT Audit and a Pen-test? Say if the scope of the review was to look at public facing infrastructure, what would an IT Audit look for that a Pen-Test would not, and vice versa? Theres another concept I keep hearing about that is an "IT Healthcheck", how does that differ from the IT Audit or Pen-Test, which does it more closely resemble, as IT Audit or a Healthcheck? What are the benefits/limitations of each of these 3? With Regards -- View this message in context: http://old.nabble.com/IT-Audit-vs-Pen-Test-tp31237881p31237881.html Sent from the Penetration Testing mailing list archive at Nabble.com. ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- IT Audit vs Pen-Test cribbar (Mar 25)
- Re: IT Audit vs Pen-Test Jovon Itwaru (Mar 26)
- Re: IT Audit vs Pen-Test JiPi DiNi (Mar 26)
- <Possible follow-ups>
- Re: IT Audit vs Pen-Test vito . nozza (Mar 26)