Automating web app testing to secure your environment
In this podcast recorded at RSA Conference 2018, Dave Ferguson, Director, Product Management for Web Application Security at Qualys, talks about the challenges and benefits of …
penetration testing
Hacking for fun and profit: How one researcher is making IoT device makers take security seriously
We should all be so lucky to enjoy our work as much as Ken Munro does. Generally attracted by research that “looks fun” and particularly interested in probing the …
How to choose a penetration testing service
Penetration testing or pen testing for short is a simulation of an attack on your company’s IT infrastructure or specific assets in order to assess the security posture …
Network forensics tool NetworkMiner 2.2 released
NetworkMiner is a popular network forensics tool that can parse pcap files as well as perform live sniffing of network traffic. It collects data about hosts on the network …
Nmap 7.60 released: SSH support, SMB2/SMB3 improvements, 14 more scripts
Nmap is a free and open source utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network …
Which countermeasures improve security and which are a waste of money?
If you want to know about which cyber defenses are most effective and which are a waste of money and resources, ask a hacker. And that’s just what Nuix researchers did. …
Why you need a tailored application security program
For companies that provide applications to their customers, keeping those applications secure is a must. Setting up an application security program is the next logical step, …
SAMRi10: Windows 10 hardening tool for thwarting network recon
Microsoft researchers Itai Grady and Tal Be’ery have released another tool to help admins harden their environment against reconnaissance attacks: SAMRi10 (pronounced …
Hackers changing tactics, techniques and procedures
Organizations need to conduct better penetration testing to combat continual changes in hackers’ tactics, techniques and procedures (TTPs), according to NTT Security. “Our Q3 …
Net Cease: Microsoft researchers unveil anti-reconnaissance tool
Microsoft researchers Itai Grady and Tal Be’ery have released Net Cease, a PowerShell script that prevents attackers who have already compromised an endpoint from …
