Th e r ea r e six st e p s in volve d in the security testing process:

Vulnerability assessment

This step involves assessing the results produced by the automated scanners for any false positives.

The consultant will then use a range of manual probing and verification techniques to delve deeper into the infrastructure and highlighted vulnerabilities.

Exploitation

Next, the vulnerabilities unveiled in the scanning and manual probing stages are raised to the client. Depending on the client’s business operations and the severity of the vulnerabilities, the client may give the consultant the go-ahead to subject certain issues to exploitation attempts.