Security Testing White Paper

How do you keep your information system secure? You can do this by regularly having a security test performed on your information system. Such a test gives you additional assurance about the security of your system. The results of this test can be used to fix vulnerabilities. Aside from feeling responsible yourself, a reason for having a security test performed is compliance or because your customers request it. To help you, NCSC-NL has compiled the Security testing White Paper. This White Paper is a manual for commissioning parties. In four steps, this White Paper accompanies you through the process, so you can increase the security of your information system as much as possible.

The steps:

1. Determine your goal: Ask yourself the right questions to set an objective.
2. Determine the means: Choose an appropriate test type and determine the scope and depth.
3. Manage the execution: Select a contractor to perform the test and facilitate the testers.
4. Implement improvements in your organisation: Make sure you apply the recommended improvements.