 PETA: Methodology of Information Systems Security Penetration TestingTomáš Klíma Acta Informatica Pragensia, 2016, vol. 2016, issue 2, 98-117 Abstract: Current methodologies of information systems penetration testing focuses mainly on a high level and technical description of the testing process. Unfortunately, there is no methodology focused primarily on the management of these tests. It often results in a situation when the tests are badly planned, managed and the vulnerabilities found are unsystematically remediated. The goal of this article is to present new methodology called PETA which is focused mainly on the management of penetration tests. Development of this methodology was based on the comparative analysis of current methodologies. New methodology incorporates current best practices of IT governance and project management represented by COBIT and PRINCE2 principles. Presented methodology has been quantitatively evaluated. Keywords: IT security; Penetration testing; Methodology; IT security audit (search for similar items in EconPapers) Downloads: (external link) Related works: Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text Persistent link: https://EconPapers.repec.org/RePEc:prg:jnlaip:v:2016:y:2016:i:2:id:88:p:98-117 Ordering information: This journal article can be ordered from DOI: 10.18267/j.aip.88 Access Statistics for this article Acta Informatica Pragensia is currently edited by Editorial Office More articles in Acta Informatica Pragensia from Prague University of Economics and Business Contact information at EDIRC. |
Is your work missing from RePEc? Here is how to contribute.
Questions or problems? Check the EconPapers FAQ or send mail to .
EconPapers is hosted by the
School of Business at Örebro University.