Services
PricingPortalPartners
Industries
Resources
Contact
Book a Consultation
Menu
Blog
Penetration Testing Methodology

Penetration Testing Methodology

Penetration testing methodology step‑by‑step, from scoping to exploit and reporting, aligned to OWASP and NIST 800‑115 frameworks.

The Complete Guide to The Risks of Broken Access Control

Learn about what causes broken access controls, the risks and impacts and how to prevent these vulnerabilities.

By
Shimon Brathwaite
9 min read

The Top 10 Credential-Based Attacks: What You Need to Know

With this article, read what identification and authentication failures entail and learn how to prevent them.

By
Omkar Hiremath
14 min read

The Stark Difference High and Low Quality Penetration Test

Learn the differences between a high and low quality penetration testing provider, and how you can evaluate vendors.

By
Omkar Hiremath
12 min read

3 Types of Cross-site Scripting Attacks & 4 Mitigation Strategies

Understanding the three main types of XSS attacks can help you plan to mitigate them using one of these four recommended strategies.

By
Warren Moynihan
12 min read

Why You Shouldn’t Deal With Low Hanging Fruit Before a Penetration Test

The importance of not eliminating low-hanging fruit before a penetration test

By
Shimon Brathwaite
10 min read

The Good, The Bad and the Ugly? Lessons from Incident Responses

Learn the Dos and Don’ts for your incident response plan based on real-life incidents. Read here.

By
Omkar Hiremath
9 min read

Get security insights straight to your inbox

Additional resources

Here to get you started

API & Web Application Security Testing

Differentiating Federated Identities: OpenID Connect, SAML v2.0, and OAuth 2.0

Compare OpenID Connect, SAML v2.0, and OAuth 2.0. Understand key differences, roles, and security risks in modern federated identity systems.

Read more
Featured Post Image
View report
Icon

The State of Penetration Testing as a Service- 2022 Edition

Say goodbye to 300+ page penetration test reports

Providing the quality of the biggest names in security without the price tag and complications.

Book a 30 min consultation

Manual penetration testing

Full time Canadian hackers

Remediation support

CTA background

Helping companies identify, understand, and solve their security gaps so their teams can sleep better at night

© XXXX Software Secured