ABSTRACT
This chapter aims to define penetration testing, as well as elaborate on its requirement by multiple cyber-compliance standards and frameworks. A law firm's vulnerable camera system or the heating, ventilation, and air conditioning system of a major corporation both point to the capacity of bad actors to do – well – bad things, as well as the critical importance of frequent penetration testing performed by an independent party that is unafraid to poke, prod, explore, and document. Webcheck Security tested the discovered open ports and saw that quite a few services were replicated across different servers. Service set identifier or Wi-Fi testing is another best practice to ensure systems are secure internally. Stated another way, businesses typically have one or more wireless routers, which also provide obvious potential points of entry for bad actors. Penetration testing is more than just a best practice and part of a multifaceted infosec policy.
