What are the components of a security evaluation?

Home / Hacking, News, Security / What are the components of a security evaluation?

September 12, 2008 PlanetCreator 0 Comments 0 tags

Any security evaluation involves three components:

* Preparation: In this phase, a formal contract is signed between an ethical hacker and the authority of the organization that contains a non-disclosure clause as well as a legal clause to protect the ethical hacker against any prosecution that he may face during the conduct phase. The contract also outlines the infrastructure perimeter, evaluation activities, time schedules, and resources available to him.
* Conduct: In this phase, the evaluation technical report is prepared based on testing potential vulnerabilities.
* Conclusion: In this phase, the results of the evaluation are communicated to the organization and corrective advice/action, if needed, is taken.

[webapps] MiniCMS 1.1 - Cross Site Scripting (XSS)
on April 11, 2025 at 12:00 am
MiniCMS 1.1 - Cross Site Scripting (XSS)
[webapps] Nagios Log Server 2024R1.3.1 - API Key Exposure
on April 11, 2025 at 12:00 am
Nagios Log Server 2024R1.3.1 - API Key Exposure
[webapps] phpIPAM 1.6 - Reflected Cross Site Scripting (XSS)
on April 11, 2025 at 12:00 am
phpIPAM 1.6 - Reflected Cross Site Scripting (XSS)
[hardware] ABB Cylon FLXeon 9.3.4 - Default Credentials
on April 11, 2025 at 12:00 am
ABB Cylon FLXeon 9.3.4 - Default Credentials
[hardware] ABB Cylon FLXeon 9.3.4 - System Logs Information Disclosure
on April 11, 2025 at 12:00 am
ABB Cylon FLXeon 9.3.4 - System Logs Information Disclosure

What are the components of a security evaluation?

Explore More

You’ve Hired a Hacker (Section 5)

Myanmar Hacker Groups Hacked Bangladesh Sites

Cracking WPA FAST with video cards!