by Jeremy Sporn | Jun 8, 2018 | Penetration Testing
When your network goes through a penetration test, it’s a little like taking a journey on The Oregon Trail (remember that all-time-great video game?). Using a range of manual techniques supported by automated tools, your network infrastructure undergoes a simulated...
by John Verry | May 11, 2018 | Penetration Testing
Editor’s Note: This post was originally published in June 2013 and has been updated for accuracy and comprehensiveness. NIST/FISMA guidance is generally more prescriptive than most other forms of information security guidance. However, there are limits to any...
by John Verry | May 11, 2018 | Penetration Testing
Editor’s Note: This post was originally published in September 2015 and has been updated for accuracy and comprehensiveness. For some time, CPA firms, qualified security assessors (QSAs) and similar entities that focus on security attestation have been including...
by Terry Crowley | Apr 17, 2018 | Penetration Testing
Even if your company has a robust firewall, an intrusion detection system (IDS) and antivirus/anti-malware, hackers can still gain access to your systems and data by exploiting vulnerabilities in your networks. Finding those vulnerabilities before the attackers do...
by Bhaumik Shah | Mar 22, 2018 | InfoSec Strategies, Penetration Testing
If your development teams have moved away from a waterfall approach to a more modern agile or DevOps methodology with frequent releases or continuous integration, how can you ensure and verify application security with just the “traditional” annual penetration...
by Michael Gargiullo | Mar 1, 2018 | Penetration Testing
A network penetration test is a deep-dive investigation that returns valuable information when other criteria about your network is already satisfied. Performing a penetration test without good APV management (Asset Management, Patch Management, and Vulnerability...
