Open AccessDEVELOPMENT OF THE METHODOLOGY FOR PENETRATION TESTING OF MOBILE AND WEB APPLICATIONS
Author(s) -
Anastasia Melnikova,
Igor Karmanov
Publication year - 2019
Publication title -
interèkspo geo-sibirʹ
Language(s) - English
Resource type - Journals
ISSN - 2618-981X
DOI - 10.33764/2618-981x-2019-9-47-53
Subject(s) - penetration (warfare) , computer science , penetration test , computer security , audit , security testing , information security , engineering , business , operations research , accounting , cloud computing , cloud computing security , architectural engineering , joint (building) , security information and event management , operating system
The relevance of the topic is due to the fact that penetration testing (tests to overcome protection, penetration testing, pentest) is a worldwide popular service in the field of information security. The essence of such work is an authorized attempt to circumvent the existing set of protection means of information system. During testing, the auditor performs the role of an attacker motivated to violate the information security of customer's network. In article, features of penetration testing are thoroughly studied, a detail analysis of existing foreign solutions in the field of penetration testing is performed, a proprietary technique is developed and recommendations for improving the existing techniques are proposed.