Save £12 Million every year > Save £3 Million every quarter   
The Big Agile Toolkit: no Dogma, no Bias, no Accreditation, no Exams & no Fees   
 Stress testing  Stress testing   Integration testing   Integration testing

Lifecycle   »   Agile Testing   »   Penetration testing

Bear in mind, this may or may not apply to your solution. The objective of a penetration test is to assess the security of a solution by creating and imitating an attack from an outside source. The solution is often on the web and the outside source is a cracker or hacker. The penetration tests are trying to identify and unpick potential vulnerabilities. Often these vulnerabilities are well documented technical flaws, exploitations or weaknesses known throughout the industry and also well-known to hostile or malicious intruders. Penetration testing is used to uncover these flaws, outline the feasibility and method of possible attacks, document the risks and business impact as well as identify proper mitigation for the flaw.

Penetration testing is split into 2 main types. Black box testing (aka blind penetration tests) and White box testing (aka full disclosure penetration tests). Black box tests assume no prior knowledge of the solution that is to be penetrated. These are the tests used to uncover the routes and security breaches that hackers find into unfamiliar systems. Where sensitive information is compromised or there are security breaches by employees this assumes some prior knowledge of the system and white box testing is used.

As a minimum, you perform white box testing and try to automate as much of this is possible. Black box testing can be expensive and time-consuming but the costs need to be compared with the financial loss involved in a system rendered inoperable or permanently damaged.


 Stress testing     Stress testing   Integration testing    Integration testing

Glossary:     a  »   b  »   c  »   d  »   e  »   f  »   g  »   h  »   i  »   j  »   k  »   l  »   m  »   n  »   o  »   p  »   q  »   r  »   s  »   t  »   u  »   v  »   w  »   x  »   y  »   z

#personas  »   #artefacts  »   #archetypes  »   #patterns  »   #change  »   #personas  »   #increasingoutput  »   #reducingvariation  »   #improveefficiency  »   #abstraction  »   #predictionandcontrol  »   #management  »   #organisations  »   #socialnetworktheory  »   #failfast  »   #quality  »   #waste  »   #complexity  »   #learning  »   #adapt  »   #inspect  »   #improvement  »   #models  »   #complexadaptivesystems  »   #informationflow  »   #sytemsthinking  »   #butterflyeffect  »   #unpredictability  »   #chaos  »   #emergence  »   #emergentbehaviour  »   #distributedcontrol  »   #continuousimprovement  »   #complexityscience  »   #gametheory  »  
 Agile In 6 Steps    |    Projectivity    |    Instant Agile    |    Risks    |    Auditing Agile Projects 
Big Agile Toolkit Book (Amazon Japan)   |   Big Agile Toolkit Book (Barnes and Noble)
Buy the Big Agile Toolkit Book   |   Buy the Big Agile Toolkit Kindle eBook
Penetration testing


The Big Agile Toolkit

 SPADE: Successful Pragmatic Agile Delivery Everytime™ 
Topic: 336  Page: 288/444  Progress: 64.9%
 About    |    Author 
Follow @BigAgileToolkit

This content can be copied to third parties for personal use if you acknowledge the source of the material with website URL ( and Twitter hashtag (#BigAgileToolkit).
In all other cases, no part of bigagiletoolkit or associated text or website may be copied reproduced or redistributed in any form or by any means without prior permission in writing from the author.
Agile Project Governance for Cost Conscious Companies™

All rights reserved.