Did you know Cybrary has FREE video training? Join more than 2,500,000 IT and cyber security professionals, students, career changers, and more, growing their careers on Cybrary.
In this second video on web app pentesting best practices, we discuss the important issue of when to test. This is important since the customer's operations can be negatively impacted as a result of your testing. In the agreement discussed in the previous video about gaining permission, you will also need to specify when you will be testing. Testing that places a large load on a system should be performed off-hours, most typically at night. However, certain types of tests will need to be performed during normal operating hours in order to identify if the customer is capable of detecting various kinds of attacks by way of their intrusion detection system.