LinkedIn and 3rd parties use essential and non-essential cookies to provide, secure, analyze and improve our Services, and to show you relevant ads (including professional and job ads) on and off LinkedIn. Learn more in our Cookie Policy.

Select Accept to consent or Reject to decline non-essential cookies for this use. You can update your choices at any time in your settings.

Start free trial Sign in

From the course: Dynamic Application Security Testing

Unlock the full course today

Join today to access over 24,700 courses taught by industry experts.

Avoiding production impacts

Avoiding production impacts - Burp Suite Tutorial

From the course: Dynamic Application Security Testing

Start my 1-month free trial Buy for my team

Avoiding production impacts

“

- [Jared] Penetration testing involves testing the effectiveness of controls in a production environment. As the tester, it's your responsibility to know how to conduct these tests in a manner that avoids negatively impacting that environment. The last thing you want to happen during your penetration test is to cause a problem in production. Whether that's a noticeable slowdown, a corrupted database, or crashing the entire app, you can end up doing more harm than good. You can end up causing some of the very same problems your penetration test was designed to prevent. And if you've worked in security for any length of time you probably already know that it's an uphill battle. If you break a production app during a pen test, you're going to have a very hard time living that down. And I'm speaking from firsthand experience here. In one of my enterprise roles I hired a third party to conduct a web application penetration…

Contents