Introduction
In these days of widespread Internet usage, security is of prime importance. The almost universal use of mobile and Web applications makes systems vulnerable to cyber-attacks. Vulnerability assessment can help identify the loopholes in a system while penetration testing is a proof-of-concept approach to actually explore and exploit a vulnerability.
Cyber-attacks are increasing every day with the increased use of mobile and Web applications. Globally, statistics show that more than 70 percent of the applications either have vulnerabilities that could potentially be exploited by a hacker or worse, they have already been exploited. The data losses due to this are typical of two types. Either the data is confidential to the organization or it is private to an individual. Regardless of the category, data losses result in the loss of money or reputation. This article explores a technical process that can be adopted by industries and organizations to protect their intellectual property, and if implemented correctly, will result in better risk management.