Security Testing and Ethical Hacking
- May 18, 2015
As details emerge about a security researcher's alleged hack -- and subsequent denial -- of an airplane, more questions are being asked than answers given.
- May 15, 2015
News roundup: Microsoft released security details of its new Edge browser, but is enough to restore user confidence? Plus: Millennial security threats; new ransomware, GPU-based malware; black hat cybersecurity services.
- April 28, 2015
Some people think bug bounty programs are the answers to vulnerability woes, yet others remain skeptical of the negative impacts they present. RSA Conference panelists discussed both sides of one of today's hottest and most controversial IT topics.
- April 03, 2015
News roundup: President Obama's executive order allowing sanctions on cyberattackers has been met with mixed reaction. Plus: Threat intelligence perception versus reality; healthcare breach consequences; Verizon tosses supercookie.
- March 31, 2015
The PCI SSC has issued prescriptive new supplemental guidance on penetration testing in an effort to reverse current trends and improve merchant compliance.
- March 11, 2015
The 2015 edition of the Verizon PCI report shows enterprises are, on the whole, getting better at achieving full PCI compliance. Unfortunately, few can sustain it.
- March 06, 2015
News roundup: Bug bounty programs can offer big rewards to researchers, unless Adobe is handing out the prizes. Plus: Signal 2.0 encryption app; app cloning risk increasing; Angler adopts 'domain shadowing' capability.
- March 02, 2015
Bug bounty programs are a cool idea and often work, so why haven't they taken off for non-tech companies?
- March 02, 2015
Looking for security vulnerabilities? Tread lightly. The benefits of vulnerability rewards programs are great, but so are the risks.
- December 12, 2014
News roundup: Amid a devastating breach incident Sony Pictures is fighting back, raising legal and ethical questions. Plus: A big week in security acquisitions; Comcast sued over open Wi-Fi; and Yahoo announces vulnerability disclosure policy.
- November 21, 2014
News roundup: As the industry responds to growing demand for end-to-end Internet encryption, some fear unintended consequences. Plus: Black hats wanted; Windows Phone survives Pwn2Own; webcam spying resurgence.
- October 10, 2014
News roundup: Colleges across the country are offering courses in offensive hacking, but are they ethical? Plus: Why the first 'online murder' may happen in 2014; Palo Alto and NSS Labs make up; numerous Android security issues surface.
- October 03, 2014
News roundup: Palo Alto's next-generation firewall fared poorly in a recent NSS Labs report, leading to a testy back-and-forth about NGFW testing. Plus: Mitnick selling zero days; EMET bypassed, again; iThemes stored plaintext passwords.
- June 18, 2014
Third-party vendors are enabling bug bounty programs for organizations of all sizes, experts say, by handling triage and payment duties.
- March 05, 2013
Is offensive security or 'hacking back' a viable cyberdefense tactic? RSA Conference 2013 experts struggled to define the terms, never mind the role they play.