Penetration Test - Reporting_and_Communication(4)

Communication

IMPORTANCE OF COMMUNICATION
  • Good communication is critical to the success of the penetration test
  • Most penetration tests should be conducted openly
    • Unless discretion is a stated goal
  • Cooperation is enhanced with communication
  • Who authorizes the project and provides funding?
  • Who should be contacted if unexpected consequences occur?
  • Who will resolve conflicts?
  • Who will provide required technical assistance?
  • How will you escalate issues that are not resolved in a timely manner?
  • Communication timing and frequency
  • Communication triggers
    • Critical findings - something that really can't wait
    • Stages - moving from one phase to another
    • Indicators of prior compromise - finding evidence that an attacker has already been here
    • Other defined milestones or events
      • Periodic reports
      • Critical tests started/completed
      • Obstacles put in place/removed (i.e. effect on operations)
REASONS FOR COMMUNICATION
  • Situational awareness - most common recurring reason
  • De-escalation - information or action is needed to reduce critical risk
  • De-confliction - resolve conflict of any type
    • Pen test team vs operations/users
    • Pen test team vs service provider
    • Pen test team vs management
  • Goal reprioritization - changes to pen testing plan
    • Unexpected impact
    • Unexpected findings
    • Organizational changes - management change, merger, acquisition
    • Conflict with team, management, resources, etc.
  • All changes must follow change procedures
QUICK REVIEW
  • Good communication is critical to pen test project success
  • Managing communication expectations, including frequency, reduces conflict
  • Define triggers that initiate communication
posted @ 2020-12-18 20:37  晨风_Eric