Posts tagged 'Application Security Risks'

Security Industry

The value of multi-layer / comprehensive pen testing

Deke George

July 20, 2011

...you've got to look comprehensively at risk within all aspects of your IT environment. Because while you may not be looking at these things, it's certain that at some point, someone looking for the easiest way in will be looking at exploiting these weaknesses.
READ POST

NetsPWN: Assessment Services

The Vulnerability Disappearing (and Reappearing) Act

abacchus

February 9, 2011

As vulnerability assessments continue from quarter to quarter, some vulnerabilities seem to appear, disappear, and reappear again. Some appear that were never seen before, despite the fact the affected software has been in use for over a year.
READ POST

NetsPWN: Assessment Services

Firesheep – What About Your App?

abacchus

February 7, 2011

By simply downloading and installing FireSheep, someone with less $k1llz than a scr1pt k1dd13 can easily double-click their way into accessing another user's Facebook, Twitter, or a variety of other accounts.
READ POST

Compliance

Performing code reviews to PCI requirements

Steve Kerns

September 9, 2010

We were asked by a customer about performing code review based on the PCI requirements. The questions they asked were...
READ POST