4. What type of test do you require? *
Black Box tests are where the penetration tester knows nothing of the infrastructure to be tested. It’s more indicative of a real-world, attack, but this method may expose fewer vulnerabilities. White Box tests are where the penetration tester has access to full, in-depth information on the infrastructure to be tested. Whilst not as realistic as a black-box test, it allows for a very thorough test. Grey Box tests are the most popular form of test that takes a balanced approach between white and black boxes. A grey box test discloses just enough information to perform a thorough, methodical test, whilst keeping the scenario relevant and realistic.