Difference between revisions of "Threat-Led Penetration Testing"

From Open Risk Manual
(Created page with "== Definition == '''Threat-Led Penetration Testing'''. (TLPT) [also known as Red Team Testing] A controlled attempt to compromise the cyber resilience of an entity by simulat...")
 
 
Line 1: Line 1:
 
== Definition ==
 
== Definition ==
'''Threat-Led Penetration Testing'''. (TLPT) [also known as Red Team Testing] A controlled attempt to compromise the cyber resilience of an entity by simulating the tactics, techniques and procedures of real-life threat actors. It is based on targeted threat intelligence and focuses on an entity’s people, processes and technology, with minimal foreknowledge and impact on operations.
+
'''Threat-Led Penetration Testing''' (TLPT), also known as Red Team Testing is a controlled attempt to compromise the cyber resilience of an entity by simulating the tactics, techniques and procedures of real-life threat actors.  
 +
 
 +
TLPT is based on targeted [[Threat Intelligence]] and focuses on an entity’s people, processes and technology, with minimal foreknowledge and impact on operations.
  
  
Line 8: Line 10:
  
 
[[Category:Cyber Risk]]
 
[[Category:Cyber Risk]]
 +
[[Category:Threat Model]]

Latest revision as of 10:30, 14 October 2021

Definition

Threat-Led Penetration Testing (TLPT), also known as Red Team Testing is a controlled attempt to compromise the cyber resilience of an entity by simulating the tactics, techniques and procedures of real-life threat actors.

TLPT is based on targeted Threat Intelligence and focuses on an entity’s people, processes and technology, with minimal foreknowledge and impact on operations.


Reference

  • G-7 Fundamental Elements
Retrieved from "https://www.openriskmanual.org/wiki/index.php?title=Threat-Led_Penetration_Testing&oldid=26591"
  • Creative Commons Attribution-NonCommercial-ShareAlike
  • Powered by MediaWiki
  • Powered by Semantic MediaWiki