Communication
IMPPORTANCE OF COMMUNICATION
- Good communication is critical to the penetration test success
- Most penetration tests should be conducted openly
- Unless discretion is a stated goal
- Cooperation is enhanced with communication
- Who authorizes the project and provides funding?
- Who should be contacted if unexpected consequences occur?
- Who will resolve conflicts?
- Who will provide required technical assistance?
- How will you escalate issues that are not resolved in a timely manner?
- Communication timing and frequency
- Communication triggers
- Critical findings - something that really can't wait
- Stages - moving from one phase to another
- Indicators of prior compromise - finding evidence that an attacker has already been here
- Other defined milestones or events
- Periodic reports
- Critical tests started/completed
- Obstacles put in place/removed(i.e. affect on operations)
REASONS FOR COMMUNICATION
- Situational awareness - most common recurring reason
- De-escalation - information or action is needed to reduce critical risk
- De-confliction - resolve conflict of any type
- Pen test team vs operations/users
- Pen test team vs service provider
- Pen test team vs management
- Goal reprioritization - changes to pen testing plan
- Unexpected impact
- Unexpected findings
- Organizational changes - management change, merger, acquisition
- Conflict with team, management, resources, etc.
- All changes must follow change procedures
QUICK REVIEW
- Good communication is critical to pen test project success
- Managing communication expectations, including frequency, reduces conflict
- Define triggers that initiate communication