Temporary title: finding the relationship between a company's exposure and the type of penetration testing required
|has title::A cost - benefit analysis of attack & penetration testing from an information security perspective|
|Master:||project within::Software Engineering|
|Student name:||student name::Joris Kuilman|
|Supervisor:||Hans van Vliet|
|Company:||has company::Ernst & Young Nederland LLP|
IT Auditing - This research is about finding out the relationship between a company's exposure and the minimal size of the investment in security that is required. Therefore it is needed to define the term exposure, which I think of is influenced by several variables like its size, its branch, its network size, the market state and even more influences. Besides the definition of exposure, it is needed to provide insight in the process of penetration testing and its economic impact.