Blog Posts Tagged with "Vulnerability Assessments"

1a490136c27502563c62267354024cd5

From PwnPlugs to Nuclear Power Plants...

January 03, 2012 Added by:Malgorzata Skora

Physical security can’t be overstated with high value targets such as the Nuclear Power plants in Iran and the U.S. Governments Secret SIPR networks being victims to physical layer compromise. If there’s one guaranteed way to gain access to any network, it’s with a physical layer exploit...

Comments  (0)

E313765e3bec84b2852c1c758f7244b6

Want Rapid Feedback? Try a Web Application Security Scan

December 27, 2011 Added by:Brent Huston

While this service finds a number of issues and potential holes, we caution against using it in place of a full application assessment or penetration test if the web application in question processes critical or highly sensitive information...

Comments  (0)

1a490136c27502563c62267354024cd5

PenTest: Get to Know Yourself Before Others Do

December 14, 2011 Added by:Malgorzata Skora

With multi-tier network architectures, web services, custom applications, and heterogeneous server platform environments, keeping data assets secure is more difficult than ever. Coupled with this complexity is the fact that criminal organizations have organized their hacking efforts...

Comments  (1)

9fbacd2502ce5f91a25f722d8dfe2933

Five Key Aspects of a Good Infosec Risk Assessment

November 25, 2011 Added by:Albert Benedict

Because they are consistent and repeatable, current risk assessment results can be compared to previous years’ results to see if there was any growth. You can also compare the client’s status to other companies of similar size and stature to show them where they stand...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Stroke Development Versus Not Drowning

July 28, 2011 Added by:Rafal Los

Sony, Fox/Murdoch, et al, are all being harried by vulnerabilities left open in the backwaters of their infrastructure, not by bruteforce through the main gates. What little surprises might one find by using this time for review and planning?

Comments  (0)

850c7a8a30fa40cf01a9db756b49155a

Practical Packet Analysis Using Wireshark

July 24, 2011 Added by:J. Oquendo

I am not trying to write a scathing review, I am basing my review on experience.. I have used Wireshark since it was created in 1998 when it was called Ethereal. I have used both Wireshark and Omnipeek every single day for over a decade...

Comments  (1)

099757b145caa6965ea51494adbc25ba

Establishing Vulnerability Management Programs

May 19, 2011 Added by:Drayton Graham

In the ever changing world of new vulnerabilities and associated threats, it is essential that an inventory is kept of the external systems, associated ports, services, and applications. If any one of these is unknown, or insecure, then the associated Risk Level changes...

Comments  (0)

6648b1abd4a9b964566c3690613f20a6

Webapp Scanner Review: Acunetix Versus Netsparker

April 11, 2011 Added by:Mark Baldwin

Review: Two companies have developed commercial webapp scanners that rival the features, the speed, the usability and the accuracy of any commercial tool on the market. And they do it at a price point that just about any small business or independent consultant can afford...

Comments  (5)

99edc1997453f90eb5ac1430fd9a7c61

My My Commisioner, What Nice Teeth You Have

December 07, 2010 Added by:Javvad Malik

Sarbanes Oxley, an almost bottomless pit of money poured into achieving compliance. And then we wonder why people view security in a negative light. It’s because all they ever hear is do this or you’ll get fined, do that or you’ll be sent to jail, threats threats threats. It’s all about negative threats...

Comments  (0)

Fc152e73692bc3c934d248f639d9e963

Secure Coding and Application Vulnerability Scanning

November 08, 2010 Added by:PCI Guru

There is a lot of confusion regarding secure coding standards and application vulnerability scanning requirements 6.5 and 6.6. First, let us talk about the intent of these requirements. The overall intent of both of these standards is to stop insecure applications from being placed in production...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

Implementing OSSTMM Strategies Creates Value

September 28, 2010 Added by:Infosec Island Admin

OSSTMM has been enhanced over time dramatically. Current and upcoming releases are strongly related to practical issues. I can definitely confirm that many of our clients who have to change their supplier for security policy reasons expect their future suppliers to apply the OSSTMM...

Comments  (0)

38829f9c58dc699a3ef4caf9edf69b9a

Executive Series Tech Tip - Inadequate Vulnerability Assessment

March 16, 2010 Added by:Michael Bruck

Your latest Vulnerability Assessment is likely a waste of your IT Budget dollars!  Why? 

Comments  (5)

Page « < 1 - 2 > »