Datasheet
23
Chapter 1: Introduction to Ethical Hacking
Submit a formal report to upper management or to your client, outlining your
results and any recommendations you wish to share. Keep these parties in the
loop to show that your efforts and their money are well spent. Chapter 16
describes the ethical hacking reporting process.
Moving on
When you finish your ethical hacking tests, you (or your client) still need
to implement your recommendations to make sure the systems are secure.
Otherwise, all the time, money, and effort spent on ethical hacking goes to
waste.
New security vulnerabilities continually appear. Information systems con-
stantly change and become more complex. New hacker exploits and security
vulnerabilities are regularly uncovered. You might even discover new ones
yourself! Vulnerability scanners get better and better. Security tests are a
snapshot of the security posture of your systems. At any time, everything can
change, especially after upgrading software, adding computer systems, or
applying patches. Plan to test regularly and consistently (for example, once a
month, once a quarter, or biannually). Chapter 18 covers managing security
changes.