An organization has implemented controls to mitigate risks resulting from identified vulnerabilities in an application. Which of the following is the BEST way to verify all weaknesses have been addressed?
Penetration testing simulates real-world attacks to identify any remaining exploitable vulnerabilities after controls are implemented. It validates that mitigation has been successful from an attacker’s perspective.
“Penetration testing is essential to verify the effectiveness of remediation efforts and ensure vulnerabilities can no longer be exploited.”
Vulnerability assessments and audits are valuable, but pen testing provides practical assurance.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit