Penetration Testing
Al-Matari, O. M., I. M. A. Helal, S. A. Mazen, and S. Elhennawy,
"Cybersecurity Tools for IS Auditing",
The 6th International Conference on Enterprise Systems, Limassol, Cyprus, IEEE, pp. 217-223, 2018.
AbstractIn a time of growing threats and advancing circumstances, receiving and keeping up a strong cybersecurity profile in the enterprises are crucial. Important data and resources must be protected. Nowadays, cybersecurity became a predominant issue facing most organizations. It is recognized by organizations as an enterprise-wide issue requiring protection and detection from possible and malicious attacks to protect enterprise information assets. Hence, enterprises are obligated to use multiple tools for covering most of the cybersecurity aspects through different operations and for supporting different levels of users. Information systems auditing is becoming more difficult due to the rapidly developing technological threats. Hence, having these audits and reviews performed by independent functions increase the likelihood of detecting control weaknesses and provides further checks. These control issues are typically not due to the failure of the technology. However, they are mostly the result of individuals not executing the process, or using a process that is poorly defended. The main purpose of this research is to make a comparative study of the capabilities of most of the available automated cybersecurity auditing tools for frontend cloud computing. The results of this comparative study lead to knowing how to secure the enterprise's assets by using automated tools and techniques. Also, it uses clear steps to gather the information to provide the evidence required in the final report of IS auditing.