Please enable JavaScript.
Coggle requires JavaScript to display documents.
Network Security Testing - Coggle Diagram
Network Security Testing
Security Assessments
Vulnerability Scanners
A vulnerability scanner assesses computers, computer systems, networks or applications for weaknesses. Vulnerability scanners can help to automate security auditing by scanning the network for security risks and producing a prioritized list to address vulnerabilities.
Types of Scans
When evaluating a vulnerability scanner, look at how it is rated for accuracy, reliability, scalability and reporting. You can choose a software-based or cloud-based vulnerability scanner.
-
Security Automation
Let’s now look at some information on the automated approaches of Security Information and Event Management (SIEM) and Security Orchestration Automation and Response (SOAR).
-
-
-
Penetration Testing
Penetration testing, or pen testing, is a way of testing the areas of weaknesses in systems by using various malicious techniques. A penetration test simulates methods that an attacker would use to gain unauthorized access to a network and compromise the systems and allows an organization to understand how well it would tolerate a real attack.
Exercise Types 
For instance, in such a scenario, there can be three or four teams:
The red team is the adversary, trying to attack the system while remaining unnoticed.
The members of the blue team are the defenders and they try to thwart the efforts of the red team.
The white team is a neutral team that defines the goals and rules and oversees the exercise. Members of the white team are less technical but possess knowledge about governance and compliance. The white team is the referee of this exercise.
Sometimes, there is also a purple team, where members of the the red and blue team work together to identify vulnerabilities and explore ways to improve controls.
-
Packet Analyzer
Packet analyzers, or packet sniffers, intercept and log network traffic. They perform the below functions — either for legitimate purposes like troubleshooting or illegitimate purposes such as compromising data:
Network problem analysis.
Detection of network intrusion attempts.
Isolation of exploited systems.
Traffic logging.
Detection of network misuse.