by Terry Crowley | Jun 24, 2019 | Penetration Testing
Penetration testing seeks to evaluate your security posture using simulated attacks to identify and exploit vulnerabilities. Most pen testing is done by experts using manual techniques supported by automated tools. In any penetration testing engagement, one of... by John Verry | May 11, 2018 | Penetration Testing
Editor’s Note: This post was originally published in June 2013 and has been updated for accuracy and comprehensiveness. NIST/FISMA guidance is generally more prescriptive than most other forms of information security guidance. However, there are limits to any... by Michael Gargiullo | Aug 18, 2017 | Penetration Testing
Editor’s Note: This post was originally published in February 2014 and has been updated for accuracy and comprehensiveness. I’m still surprised how often our clients want us to perform black box penetration testing on their internet facing systems, instead of... by Mike Gargiullo | Jun 14, 2016 | Ethical Hacking, Penetration Testing
About 2 weeks ago I had an in-depth conversation with a client after performing a low-intensity penetration test. We offer a low-cost penetration test option that we call a “Validate” level engagement. Basically, a Validate level test involves an automated... by Bhaumik Shah | Oct 20, 2015 | InfoSec Strategies
In recent network penetration testing we’ve been seeing a lot of vulnerabilities around companies’ Domain Name System (DNS) servers. With nearly all networked applications (including web browsing, email, eCommerce and IP telephony) relying heavily on DNS, and more and...
