DocumentCode
2884822
Title
Towards a Unified Penetration Testing Taxonomy
Author
Hudic, Aleksandar ; Zechner, L. ; Islam, Shariful ; Krieg, Christian ; Weippl, Edgar R. ; Winkler, Stefan ; Hable, Richard
fYear
2012
fDate
3-5 Sept. 2012
Firstpage
811
Lastpage
812
Abstract
Penetration testing is a time-consuming process which combines different mechanisms (security standards, protocols, best practices, vulnerability databases, techniques and guidelines) to evaluate computer systems and network vulnerabilities. Its main goal is to identify security weaknesses by using methods and procedures that are commonly used by malicious attackers. Furthermore, the best companies have certificated penetration testers to increase the quality and efficiency of their work. However, rapid technological evolution increases complexity and decreases security, and it raises the question of whether these support mechanisms are adequate and up to date. To provide an efficient, widespread quality assessment of the penetration testing process and its mechanisms, our work uses a developed framework to depict an efficient taxonomy over the widespread technical and non-technical aspects that cover the penetration testing process.
Keywords
program testing; security of data; computer systems; consuming process; malicious attackers; network vulnerabilities; security weaknesses; unified penetration testing taxonomy; Conferences; Guidelines; Security; Software; Standards; Taxonomy; Testing; penetration testing; taxonomy;
fLanguage
English
Publisher
ieee
Conference_Titel
Privacy, Security, Risk and Trust (PASSAT), 2012 International Conference on and 2012 International Conference on Social Computing (SocialCom)
Conference_Location
Amsterdam
Print_ISBN
978-1-4673-5638-1
Type
conf
DOI
10.1109/SocialCom-PASSAT.2012.65
Filename
6406329