温馨提示:本站仅提供公开网络链接索引服务,不存储、不篡改任何第三方内容,所有内容版权归原作者所有
AI智能索引来源:http://www.ibm.com/topics/penetration-testing
点击访问原文链接

What is Penetration Testing? | IBM

进入原网站 导航首页
WelcomeOverviewOverviewOverviewPhishingSpear phishingSpear phishing vs. standard phishingSmishingBusiness email compromise (BEC)Whale phishing (whaling)PretextingOverviewRansomwareRansomware as a service (RaaS)ScarewareHistory of malwareOverviewThreat actorHackingAttack vectorAdversarial machine learningDistributed denial of service (DDoS) attackZero day exploitMan in the middle (MITM) attackBrute force attackLateral movementInsider threatsAdvanced persistent threatsKerberoastingCryptojackingData poisoningDark webOverviewData breachData exfiltrationPII (personally identifying information)Digital footprintData protectionData security posture managementData discoveryDatabase securityData privacyData privacy examplesXaaS data securityOverviewSymmetric encryptionAsymmetric encryptionPublic key infrastructurePublic key encryptionKey managementBring your own key (BYOK)CryptographyHomomorphic encryptionEnd-to-end encryptionCryptography typesCryptography use casesHistory of cryptographyTransport layer securityConfidential computingTokenizationOverviewNonhuman identityMachine identity managementIdentity securityIdentity fabricIdentity orchestrationCustomer IAM (CIAM)OverviewAuthentication vs. authorizationSingle sign-on (SSO)Two-factor authentication (2fA)Multi-factor authentication (MFA)Adaptive MFABiometric authenticationBehavioral biometricsCAPTCHAFIDOFIDO2Digital credentialsOverviewPrivileged access management (PAM)User provisioningRBACOAuthOverviewCloud security posture management (CSPM)Cloud workload protection platform (CWPP)OverviewMobile securityMobile workforceBring your own device (BYOD)Mobile device management (MDM)MDM vs. mobile application management (MAM)Enterprise mobility management (EMM)Unified endpoint management (UEM)UEM vs. MDMAndroid device managementNetwork securityInformation securityIT securityOT securityEmail securityWeb securityCritical infrastructureZero trustSecure access service edge (SASE)CIS benchmarksOverviewVulnerability management lifecycleVulnerability scanningVulnerability assessmentCVE (Common vulnerabilities and exposures)CVSS (Common vulnerabilities scoring system)Patch managementSecurity postureAttack surfaceAttack surface managementShadow ITLog4shellLog4J vulnerabilityLog4j vulnerability detection and patchingSaaS sprawlOverviewApplication security posture management (ASPM)Dynamic application security testing (DAST)OverviewEthical hackingRed teamingBlue teamPenetration testingNetwork penetration testingPhishing simulationBreach attack simulationOverviewAI securityAI fraud detection in bankingOverviewIncident responseDigital forensicsComputer forensicsDigital forensics and incident responseFraud detectionSecurity information and event management (SIEM)Security orchestration automation and response (SOAR)Endpoint detection and response (EDR)Network detection and response (NDR)Extended detection and response (XDR)Identity threat detection and response (ITDR)Data detection and response (DDR)Data loss prevention (DLP)Intrusion detection system (IDS)Intrusion prevention system (IPS)User behavior analytics (UBA)User and entity behavior analytics (UEBA)Distributed denial of service (DDoS) protectionNext generation antivirus (NGAV)OverviewThreat intelligenceOSINTThreat huntingMITRE ATT&CKNISTCyber resilienceCyber insuranceSecurity controlsManaged security service providerSecurity operations center (SOC)Managed detection and response (MDR)Cyber rangeCybersecurity crisis communicationcyberattacksecurity teamscybersecurityIBM Privacy StatementU.S. federal governmentransomware attacks "external and internal penetration testing"ISO/IEC 27001Watch the latest podcast episodeApplication pen testscloud appsapplication programming interfacesOpen Web Application Security Project (OWASP) Top 10malicious insiderssteal sensitive dataphishingsmishingOWASP's application security testing guidelinesthe Penetration Testing Execution Standard (PTES)National Institute of Standards and Technology (NIST) SP 800-115open source intelligence (OSINT)malwarepretextDenial-of-service attacksSocial engineeringadvanced persistent threatsUpcoming Webinar | March 31 Achieve continuous compliance in a hybrid data world with IBM Guardium Data Protection Register for this webinar to learn how AI governance helps organizations manage risk, meet evolving regulations and build trusted, responsible AI at scale. Register nowReport IBM X-Force Threat Intelligence Index 2026 Gain insights to prepare and respond to cyberattacks with greater speed and effectiveness with the IBM X-Force® Threat Intelligence Index. Read the reportOn-demand webinars Guardium webinars Learn how to protect your data across its lifecycle from our webinars. Explore on-demand webinarsTechsplainers podcast Cybersecurity explained Techsplainers by IBM breaks down the essentials of cybersecurity, from key concepts to real‑world use cases. Clear, quick episodes help you learn the fundamentals fast. Listen nowGuide Cybersecurity in the era of generative AI Learn how today’s security landscape is changing and how to navigate the challenges and tap into the resilience of generative AI. Read the guideWebinar recording Agent Ops and Responsible AI Join this webinar to explore practical strategies for operating and governing AI agents responsibly at scale, with expert insights on observability, risk management and accountable AI operations. Watch nowReport IDC MarketScape: Cybersecurity consulting services vendor assessment See why IBM has been named a major player and gain insights for selecting the cybersecurity consulting services vendor that best fits your organization’s needs. Read the reportExplainer What is a cyberattack? A cyberattack is an intentional effort to steal, reveal, alter, disable or eliminate data, applications or other assets through unauthorized access. Read the articleExplore IBM GuardiumExplore security solutionsExplore cybersecurity servicesExplore IBM GuardiumDiscover cybersecurity solutions

智能索引记录