Nested Knowledge

Bringing Systematic Review to Life

User Tools

Site Tools


Penetration Testing

Nested Knowledge will undergo penetration testing of its web application on an annual basis, unless this schedule is required to be revised by Nested Knowledge. An external security firm will test the web application to identify vulnerabilities. During the testing period, no software releases will be pushed, except releases with important bug fixes. Any vulnerabilities detected will be remediated promptly by the Nested Knowledge development team.

Each penetration test will follow the steps:

  1. Reconnaissance: gathering information before an attack
  2. Enumeration: finding attack vectors
  3. Exploitation: verifying security weakness
  4. Documentation: Recording results

Testing History

The last penetration test was completed by a third-party vendor on May 5th, 2023.

Revision History

AuthorDate of Revision/ReviewComments/Description
K. Cowie05/04/2023Updated
K. Kallmes04/10/2023Approved

Return to Policies

wiki/policies/penetration_testing.txt · Last modified: 2023/05/04 19:13 by katcow