Nested Knowledge

Bringing Systematic Review to Life

User Tools

Site Tools

Trace: Penetration Testing

Sidebar

AutoLit® User Guide

Examining Results in Synthesis

Administrative Tools

Support and FAQs

Best Nest Building Practices

SLR Basics: How to Perform Systematic Review

NMA Basics: How to Perform a Meta-Analysis

Best Practices for Writing a Publishable Manuscript

wiki:policies:penetration_testing

Table of Contents

Penetration Testing

Nested Knowledge will undergo penetration testing of its web application on an annual basis, unless this schedule is required to be revised by Nested Knowledge. An external security firm will test the web application to identify vulnerabilities. During the testing period, no software releases will be pushed, except releases with important bug fixes. Any vulnerabilities detected will be remediated promptly by the Nested Knowledge development team.

Each penetration test will follow the steps:

  1. Reconnaissance: gathering information before an attack
  2. Enumeration: finding attack vectors
  3. Exploitation: verifying security weakness
  4. Documentation: Recording results

Testing History

The last penetration test was completed by a third-party vendor on May 5th, 2023.

Revision History

AuthorDate of Revision/ReviewComments/Description
K. Cowie05/04/2023Updated
K. Kallmes04/10/2023Approved

Return to Policies

wiki/policies/penetration_testing.txt · Last modified: 2023/05/04 19:13 by katcow

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki