Abstract
Modern society is heavily reliant upon the internet. Accordingly, it is vital to ensure that the data transmitted over the internet is safe. Several tools have been created for cybersecurity experts and organizations to test the security levels of organizational networks and websites. However, due to financial constraints, small organizations need to pay closer attention to managing data with limited resources. This study explores the role of automated penetration testing tools in providing small organizations with an effective and affordable data security system. This study employs a case-study approach using multiple data-gathering methods in a charitable organization. More specifically, data was collected using interviews and experiments evaluating penetration testing tools. The results revealed that cost-effective automated penetration testing tools could safeguard small organizations from cybersecurity threats. The penetration testing tools determined that the organization’s website had various vulnerabilities. The Nessus tool discovered no fewer than 37 vulnerabilities on the website application. The ZAP testing tool showed that the website application was critically failing, leading to the accumulation of vulnerabilities. The system had 3 medium-, 12 low-, and 4-informational-risk vulnerabilities. Through the evaluation of open ports, the NMAP tool identified various vulnerabilities. These findings have important implications for small organizations. First, automated penetration testing tools can be easily conducted by small organizations to safeguard their cybersecurity without obtaining costly expert help. Second, it is recommended in the light of the findings that automated penetration testing tools be used in multiple combinations as different tools have unique contributions to cybersecurity.
Published Version
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
More From: Journal of Information Security and Cybercrimes Research
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.