by John Verry | May 11, 2018 | Penetration Testing
Editor’s Note: This post was originally published in June 2013 and has been updated for accuracy and comprehensiveness. NIST/FISMA guidance is generally more prescriptive than most other forms of information security guidance. However, there are limits to any... by Michael Gargiullo | Aug 18, 2017 | Penetration Testing
Editor’s Note: This post was originally published in February 2014 and has been updated for accuracy and comprehensiveness. I’m still surprised how often our clients want us to perform black box penetration testing on their internet facing systems, instead of... by Mike Gargiullo | Jun 14, 2016 | Ethical Hacking, Penetration Testing
About 2 weeks ago I had an in-depth conversation with a client after performing a low-intensity penetration test. We offer a low-cost penetration test option that we call a “Validate” level engagement. Basically, a Validate level test involves an automated... by Bhaumik Shah | Oct 20, 2015 | InfoSec Strategies
In recent network penetration testing we’ve been seeing a lot of vulnerabilities around companies’ Domain Name System (DNS) servers. With nearly all networked applications (including web browsing, email, eCommerce and IP telephony) relying heavily on DNS, and more and... by John Verry | Dec 30, 2014 | Penetration Testing
It’s interesting to me that we can start to pick up shifts in our industry through the “Contact Us” form on our website. One unexpected (and at this point still unexplained) recent trend is an emphasis on physical penetration testing. Part of why it’s unexplained is...
