Security Testing and Ethical Hacking
- March 02, 2015
Bug bounty programs are a cool idea and often work, so why haven't they taken off for non-tech companies?
- March 02, 2015
Looking for security vulnerabilities? Tread lightly. The benefits of vulnerability rewards programs are great, but so are the risks.
- December 12, 2014
News roundup: Amid a devastating breach incident Sony Pictures is fighting back, raising legal and ethical questions. Plus: A big week in security acquisitions; Comcast sued over open Wi-Fi; and Yahoo announces vulnerability disclosure policy.
- November 21, 2014
News roundup: As the industry responds to growing demand for end-to-end Internet encryption, some fear unintended consequences. Plus: Black hats wanted; Windows Phone survives Pwn2Own; webcam spying resurgence.
- October 10, 2014
News roundup: Colleges across the country are offering courses in offensive hacking, but are they ethical? Plus: Why the first 'online murder' may happen in 2014; Palo Alto and NSS Labs make up; numerous Android security issues surface.
- October 03, 2014
News roundup: Palo Alto's next-generation firewall fared poorly in a recent NSS Labs report, leading to a testy back-and-forth about NGFW testing. Plus: Mitnick selling zero days; EMET bypassed, again; iThemes stored plaintext passwords.
- June 18, 2014
Third-party vendors are enabling bug bounty programs for organizations of all sizes, experts say, by handling triage and payment duties.
- March 05, 2013
Is offensive security or 'hacking back' a viable cyberdefense tactic? RSA Conference 2013 experts struggled to define the terms, never mind the role they play.
- February 26, 2013
At Security B-Sides San Francisco, Brett Hardin asked why organizations hire penetration testers and assessed the value of penetration testing.
- December 04, 2012
Secure software development training is having an impact on vulnerability submissions, according to Brian Gorenc of HP TippingPoint DVLabs.