Blog Posts Tagged with "Vulnerability Assessments"


Three Tips for Effective Vulnerability Assessments

January 23, 2013 Added by: Dan Dieterle

Regular vulnerability assessments are essential because threats to your network security continually change and evolve, and your security should be able to match this. A user’s PC or network access point might be secure today, but it could become completely vulnerable tomorrow...

Comments  (0)


Hacking Exposed 7: Network Security Secrets and Solutions

September 23, 2012 Added by: Ben Rothke

With the release of Hacking Exposed 7: Network Security Secrets & Solutions, authors Stuart McClure, Joel Scambray and George Kurtz (along with over 10 contributing authors) provide an up to date version to the original classic. The book includes the essentials of hacking...

Comments  (0)


Securing Your Application Perimeter: Getting Results

September 08, 2012 Added by: Fergal Glynn

What applications should you be testing? Just because the discovery process identifies 300 web applications doesn’t mean that you’d want to test the 30 that clearly should be decommissioned...

Comments  (0)


Backtrack 5 r3 List of (Some of the) New Tools and Programs

August 27, 2012 Added by: Dan Dieterle

What are the new utilities included with Backtrack 5r3? I couldn’t find a list, so I decided to make one myself comparing BT5r2 with the latest version. This is not an exhaustive list, but hopefully it will help people see some of the very cool new tools and programs added to Backtrack...

Comments  (1)


Information Security, Hackers, and Vigilance

July 30, 2012 Added by: Tripwire Inc

The bottom line: Attackers are always looking for mistakes, outliers, and inconsistencies so they can use them against you. This means your security programs need to be robust, resilient, measurable, and – as much as possible – consistent (vs. ad hoc)...

Comments  (0)


To “Open Source” or “Not to Open Source”

July 27, 2012 Added by: Andrew Sanicola

Many open source products have add-ons, extensions, plug-ins etc. which make them attractive. While the core application itself is mostly secure, it is these extensions and plug-ins contributed by many diverse developers and organizations that introduce vulnerabilities into the open source product as a whole...

Comments  (0)


Energy Department Develops Tool for Electric Grid Cybersecurity

July 19, 2012 Added by: Headlines

“The new Cybersecurity Self-Evaluation Survey Tool for utilities is vitally important in today’s environment where new cyber threats continue to emerge. Adoption by the electric sector will further protect critical infrastructure and... provide an invaluable view of the industry’s cybersecurity capabilities.”

Comments  (0)


Penetration Testing the Cloud: Three Important Points

July 17, 2012 Added by: Brandon Knight

One area where companies seem to become lost is when talking about performing penetration testing services against their deployment. While there are some details to work out, fundamentally this type of assessment translates well when talking about applications and infrastructure deployed in the cloud...

Comments  (1)


A Step-by-Step Guide for Choosing the Best Scanner

July 16, 2012 Added by: Shay Chen

There hasn't been any independent methodology for evaluating web application vulnerability scanners in a while. The following is a comprehensive guide for choosing the best scanner based on conclusions from the 2012 benchmark study - a comparison of 10 crucial aspects of 60 web application vulnerability scanners...

Comments  (0)


Vulnerability Scans too Disruptive to Conduct Regularly

July 12, 2012 Added by: Headlines

“Evidently, active vulnerability scanning can cause huge management headaches due to its disruptive nature and information overload, so scanners tend to be used primarily for ‘spot checks’ that aren’t effective at minimizing risks. Critical vulnerabilities have to be identified, prioritized, and remediated daily...”

Comments  (4)


The Perils Of Automation In Vulnerability Assessment

June 25, 2012 Added by: Ian Tibble

“Run a scanner by it” still appears in so many articles – it's still very much part of the furniture. Software suites are built on the use of automated unauthenticated scanning – in some cases taking an open source scanning engine, wrapping a nice GUI around it, and slapping a 25K USD price tag on it...

Comments  (5)


What’s Going Right with Your Secure Development Efforts?

May 04, 2012 Added by: Fergal Glynn

Security professionals place developer’s code under a microscope and highlight each and every flaw, so you can appreciate why there may be some tension. Testing of code only offers assessments of what they did wrong. Can we apply a different lens while having this conversation?

Comments  (0)


Three Areas to Test when Assessing Mobile Applications

May 02, 2012 Added by: Tom Eston

Mobile Application testing is something that will evolve as mobile apps get more complex and the business drives more towards mobile solutions. If you’re deploying mobile apps for your business it’s more important than ever to have testing done on three areas at a minimum....

Comments  (1)


The Role of Penetration Testing in the Infosec Strategy

March 26, 2012 Added by: Ian Tibble

For all intents and purposes, penetration testing had become such a low quality affair that clients stopped paying for it unless they were driven by regulations to perform periodic tests of their perimeter "by an independent third party"...

Comments  (2)


Out With the New, In With the Old: OS Security Revisited

March 06, 2012 Added by: Ian Tibble

Operating System Security is radically under-appreciated, and this has been the case since the big bang of security practices in the mid-90s. OS security, along with application security, is the front line in the battle against hackers, but this has not been widely realized...

Comments  (0)


On Vulnerability Assessments and Penetration Tests

January 10, 2012 Added by: Drayton Graham

Simply put, a Vulnerability Assessment is a piece of code that will identify and report on known vulnerabilities, but a scanner will likely run into false positives. A Penetration Test goes a step further in that a human exploits vulnerabilities, but false positives do not exist...

Comments  (0)
