Whether you are starting to access the security of business or going for penetration testing, the first step is to gather the information.