{"id":3142,"date":"2020-09-17T16:14:01","date_gmt":"2020-09-17T14:14:01","guid":{"rendered":"https:\/\/www.vaadata.com\/blog\/?p=3142"},"modified":"2021-04-01T11:38:54","modified_gmt":"2021-04-01T09:38:54","slug":"how-to-define-scope-of-pentest","status":"publish","type":"post","link":"https:\/\/www.vaadata.com\/blog\/how-to-define-scope-of-pentest\/","title":{"rendered":"How To Define The Scope Of A Pentest?"},"content":{"rendered":"\n<div class=\"wp-block-image is-style-default\"><figure class=\"alignleft size-medium\"><a href=\"https:\/\/content.vaadata.com\/white-paper-how-to-define-the-scope-of-a-pentest\"><img decoding=\"async\" width=\"212\" height=\"300\" src=\"https:\/\/www.vaadata.com\/blog\/wp-content\/uploads\/2020\/09\/cover-212x300.jpg\" alt=\"\" class=\"wp-image-3143\" srcset=\"https:\/\/www.vaadata.com\/blog\/wp-content\/uploads\/2020\/09\/cover-212x300.jpg 212w, https:\/\/www.vaadata.com\/blog\/wp-content\/uploads\/2020\/09\/cover-725x1024.jpg 725w, https:\/\/www.vaadata.com\/blog\/wp-content\/uploads\/2020\/09\/cover-768x1085.jpg 768w, https:\/\/www.vaadata.com\/blog\/wp-content\/uploads\/2020\/09\/cover-1087x1536.jpg 1087w, https:\/\/www.vaadata.com\/blog\/wp-content\/uploads\/2020\/09\/cover.jpg 1241w\" sizes=\"(max-width: 212px) 100vw, 212px\" \/><\/a><\/figure><\/div>\n\n\n\n<p><strong>Defining the scope of a penetration test<\/strong> is a delicate step. What will be the target of the pentest? More precisely, which functional and technical aspects should be tested in priority? Moreover, how deep and how often should a pentest be recommended?<\/p>\n\n\n\n<div class=\"wp-block-buttons aligncenter is-layout-flex wp-block-buttons-is-layout-flex\">\n<div class=\"wp-block-button is-style-fill\"><a class=\"wp-block-button__link\" href=\"https:\/\/resources.vaadata.com\/en\/white-paper-how-to-define-the-scope-of-a-pentest\" target=\"_blank\" rel=\"noreferrer noopener\">Download<\/a><\/div>\n<\/div>\n\n\n\n<!--more-->\n\n\n\n<div style=\"height:50px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p>The aim of this white paper is to provide you different information in order to define a <strong>pentest strategy<\/strong>. We have gathered all key elements from our discussions with around 200 client companies of all sizes and from all sectors of activity. Each element has to be analysed according to your business context. You will then be able to determine a scope for your future security audits.<\/p>\n\n\n\n<p>In this white paper, we will see:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>What needs to be audited?<ul><li>Identifying the attack surface<\/li><li>Defining your priorities<\/li><li>Pentest strategy<\/li><li>Testing non-priority targets<\/li><\/ul><\/li><li>How to audit the targets?<ul><li>Black Box, Grey Box, White Box: Which approach?<\/li><li>How to estimate the time needed for a pentest?<\/li><li>Exhaustivity and certification<\/li><li>Recurring<\/li><\/ul><\/li><\/ul>\n\n\n\n<p>Making choices upstream will allow you to be more effective during your exchanges with the partner in charge of the pentest. However, discussion remains essential, as it is by confronting your internal viewpoint with the external viewpoint of a specialised third party that you will reach the best choices in order to validate your security audit project.<\/p>\n\n\n\n<div class=\"wp-block-buttons aligncenter is-layout-flex wp-block-buttons-is-layout-flex\">\n<div class=\"wp-block-button\"><a class=\"wp-block-button__link\" href=\"https:\/\/resources.vaadata.com\/en\/white-paper-how-to-define-the-scope-of-a-pentest\" target=\"_blank\" rel=\"noreferrer noopener\">Download Your Copy<\/a><\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Defining the scope of a penetration test is a delicate step. What will be the target of the pentest? More precisely, which functional and technical aspects should be tested in priority? Moreover, how deep and how often should a pentest be recommended?<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[8],"tags":[],"class_list":{"0":"post-3142","1":"post","2":"type-post","3":"status-publish","4":"format-standard","6":"category-solutions"},"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.vaadata.com\/blog\/wp-json\/wp\/v2\/posts\/3142","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.vaadata.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.vaadata.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.vaadata.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.vaadata.com\/blog\/wp-json\/wp\/v2\/comments?post=3142"}],"version-history":[{"count":7,"href":"https:\/\/www.vaadata.com\/blog\/wp-json\/wp\/v2\/posts\/3142\/revisions"}],"predecessor-version":[{"id":3656,"href":"https:\/\/www.vaadata.com\/blog\/wp-json\/wp\/v2\/posts\/3142\/revisions\/3656"}],"wp:attachment":[{"href":"https:\/\/www.vaadata.com\/blog\/wp-json\/wp\/v2\/media?parent=3142"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.vaadata.com\/blog\/wp-json\/wp\/v2\/categories?post=3142"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.vaadata.com\/blog\/wp-json\/wp\/v2\/tags?post=3142"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}