Necessary Company

Summary Test of Invasion, Tests of Intrusion, Penetration Test or simply PenTest, is names given to the metodolgico process structuralized of search and identification of vulnerabilities for simulation of attempts of not authorized access of the indisposio to the T.I infrastructure., composed for nets, systems and applications. In elapsing of this process, it is made an active analysis of the vulnerabilities and deficiencies of the current infrastructure that supports the business of the company, composing a matrix of the resources analyzed with them you harness threats and points of accesses to the perimeter of authentication of the company, emphasizing the possible comprometimento of the availability, integrity and confidencialidade of the information. 1-Introduction. Daily new explored vulnerabilities are discovered that when being can shake them pillars of the Security of the Information, causing damages and damages to the image of the company. For a computational project, some suppliers of T.I are placed., for times with accesses privileged and that, for questions of stated periods and budgets they launch hand of the tests of security in its codes or the stage of implantation of its infrastructures.

To point and to correct imperfections after the system to be in production is only a palliative part of the work of the Manager of Security of the Information. To prepare itself for the unexpected one is another one. A to be compromised or embezzled time system is a question of. Soon, it is better that it is executed monitoradamente by who if trusts, therefore has a wide abyss between an attack simulated planned and controlled against a not waited real attack. Equally, one becomes necessary to create a form of proactive boarding to identify to such imperfections, alerting the related areas of the company in brainstorming that mitigates the inherent risk the T.I of the company. These boardings are called by Tests of Penetration or Tests of Intrusion.