Home // CYBER 2021, The Sixth International Conference on Cyber-Technologies and Cyber-Systems // View article

The Same, but Different: The Pentesting Study

Authors:
Jan Roring
Dominik Sauer
Michael Massoth

Keywords: penetration test; comparison; standards; human; soft skills.

Abstract:
When ordering a penetration test, customers assume that they will receive the same results regardless of who performs the testing. Although well-known standards are commonly used to ensure that results of penetration tests are consistent and reproducible, these results vary widely depending on the chosen service provider. To evaluate this, we had two penetration tests carried out on the same IT environment by independent service providers. While there was some overlap, the results show that the human component has a profound impact on the outcome of a penetration test.

Pages: 65 to 70

Copyright: Copyright (c) IARIA, 2021

Publication date: October 3, 2021

Published in: conference

ISSN: 2519-8599

ISBN: 978-1-61208-893-8

Location: Barcelona, Spain

Dates: from October 3, 2021 to October 7, 2021