As described by techrepublic:
DON'T LET YOUR PENETRATION TEST FAIL YOU

No security solution is truly reliable until it is tested, which is why
the security auditing industry is on the upswing. Many reputable
organizations are available to simulate hacker attacks and intrusions into your
system to better flesh out the flaws and limitations of your security
measures. Ideally, these identified flaws could be corrected before a
real-world hacker or virus maliciously and dangerously exploits your
vulnerability. Yet even audited and improved systems fail every day and not just to
new and different code threats and intrusion techniques. Many so-called
"penetration tests" fail to gauge several key elements of your security
solution, leaving you effectively ignorant of your system's weaknesses and,
worse, leaving your administrators with a false sense of security.

This free white paper outlines the 14 key areas that conventional
penetration tests fail to address. Find out what your simulation cyberattacks
haven't been telling you, and learn how you can perform a comprehensive
audit that gives you the full-spectrum data necessary to lock down your IT
systems.

TITLE: Broadening the Scope of Penetration-Testing Techniques: The Top
14 Things Your Ethical Hackers-for-Hire Didn't Test
Get it at:
http://www.enterasys.com/products/wh...ty/9012542.pdf