Planning & Preparation
In the planning stage, the scope and goals of the project are defined. This includes the type of VAPT exercise to be undertaken, the target systems, planned duration, testing framework, and other considerations. It is important for both parties to discuss and agree how the activity will be conducted on a high level, taking into account various factors that can have a direct and indirect impact on the effectiveness and success of the project. For example, whether a staging environment is to be utilised, how to communicate critical vulnerabilities if any are discovered during project execution, to what extent vulnerabilities are to be exploited, and so on.