I have recently completed penetration testing of a SAP portal application for a customer. It was a short-term (5 days) assignment which required execution of a tool-supported automatic pentest (with IBM AppScan), a manual pentest and preparation of a final presentation that explains findings and countermeasures.
In such short-term pentests, it is very important that the test plan is scheduled efficiently. In the following, I want to summarize some important aspects that are relevant for executing pentests successfully and efficiently:






