NetsPWN: Assessment Services
I’ve also discovered that non-security executives often seem to think that a pen test is a pen test is a pen test and while this certainly isn’t the case (there is real skill involved in effective penetration testing, as well as the need for a solid process), what’s really frustrating is that it’s often the situation that what people call a pen test is actually a vulnerability assessment or a scan and that drives me nuts.
READ POST
NetsPWN: Assessment Services
NetsPWN: Assessment Services
According to Gartner, 75% of the attacks are coming though web applications and not through the network. This means greater emphasis needs to be placed on application security. However, this does not appear to be happening.
READ POST
NetsPWN: Assessment Services
The worst kind of vulnerability in your environment is the one you don’t know exists. The “FCKeditor Arbitrary File Upload” issue seems to be just such a vulnerability.
READ POST
NetsPWN: Assessment Services
If your security team is a capable one, I encourage you to incorporate both commercial and open source tools, and even consider the introduction of more than one commercial product.
READ POST
NetsPWN: Assessment Services
NetSPI is embarking on an initiative to provide opinions and insight to security practitioners in the form of periodic blog entries covering four specific subject areas, one of which is Application Security. Entries in this blog category will be providedby members of NetSPI’s Application Security team and will [...]
READ POST
Solutions
Services
About NetSPI
Contact Us
Copyright ©2012 NetSPI Inc. All rights reserved
