PREFACE

This book is a combination of attacking and defending. It is an attempt to shed light on the thoughts, motivations and actions of an attacker against an organization or individual, so that each of us can better defend our systems, our intellectual property and our values. Part of a good defense is a strong offense – and knowing how to probe, test and strengthen our systems is also knowing how to test and evaluate the effectiveness of our security controls and the resilience of our systems.

To become a great penetration tester requires experience and skill. It involves creativity, persistence and patience. This book discusses the management and planning side of penetration testing. It is not focused on how to use the tools available – tools change and new ones come out continuously – but rather the timeless managerial and planning skills needed to plan, conduct and report on the security of a system, network, organization and its people. Mix this knowledge with hours learning the tools, and you will be well on your way to understanding how to make a difference to the security, reliability and resilience of your organization.