Write review on this article with two references with APA format.
Red Teaming COLLAPSE In today's cyber threat environment it is not possible to add enough controls to eliminate all system vulnerabilities. One solution for this reality is to attempt to utilize the same methods and techniques as black hat hackers by an organization with a team of hackers either on the payroll or contracted from the outside.
This team of authorized hackers is known as a Red Team (Richardson & Thies, 2013).
Penetration Testing software by a red team can be extremely technical and yield credible, high detail, and reliable results. Some downsides of red team testing are they can be expensive, and if not properly controlled, could be destructive to live systems and data (Klíma, 2016). Unfortunately, many of the penetration testing standards tend to focus on the technical testing processes and do little to help systematically address the remediation of any problems that are discovered.
One solution for this problem is for organizations to adopt a standard that integrates penetration tests and their results into the context of information technology management.
One such penetration testing methodology is called PETA and adopts principles from the COBIT and PRINCE2 frameworks. PETA takes a project management approach to penetration testing making it more cost effective, increases the quality of identified vulnerabilities and their countermeasures, produces higher quality documentation, and lessens the impact on systems being tested (Klíma, 2016).
The main advantage of utilizing a red team to penetration test systems, especially if they are an outside firm, is that when they report back their finding it reveals the effectiveness of the security controls, security team, and developers of software and systems (Northcutt, 2006).
Followers of Christ are called on to test themselves and periodically determine if they are following the word of God to the best of their ability, if they pass the test they know Christ is in them and they are on the correct path (C.F. 2 Corinthians 13:15 NIV). If the test is failed then they must find the problem and correct it.
Penetration testing by red teams can be extremely valuable when the process and findings are properly managed. Organizations should make sure tests are properly structured, easily repeatable, and the results consistently followed up on. References Klíma, T. (2016, December).
PETA: Methodology of Information Systems Security Penetration Testing. Acta Informatica Pragensia, 5(2), 98-117. doi:10.18267/j.aip.88 Northcutt, S. (2006).
Penetration Testing: Assessing Your Overall Security Before Attackers Do.
Secure software design. Burlington, MA: Jones & Bartlett Learning.