Security Testing and Ethical Hacking
- June 18, 2014
Third-party vendors are enabling bug bounty programs for organizations of all sizes, experts say, by handling triage and payment duties.
- March 05, 2013
Is offensive security or 'hacking back' a viable cyberdefense tactic? RSA Conference 2013 experts struggled to define the terms, never mind the role they play.
- February 26, 2013
At Security B-Sides San Francisco, Brett Hardin asked why organizations hire penetration testers and assessed the value of penetration testing.
- December 04, 2012
Secure software development training is having an impact on vulnerability submissions, according to Brian Gorenc of HP TippingPoint DVLabs.
- November 14, 2012
Red teaming assesses the security of an organization and can be a more effective way to assess the organization's security posture.
- October 02, 2012
Windows security has improved, but longstanding Unix and network vulnerabilities remain an easy target for determined attackers.
- October 01, 2012
Pen testers often focus on system errors and application flaws, but employees are often an enterprise's greatest weakness, explains Chris Nickerson.
- September 29, 2012
Unpatched databases, misconfigured routers and more than 1,000 passwords were exposed in an Internet probe over 20 days by Metasploit creator HD Moore.
- May 01, 2012
Despite the accidental release of attack code for a bug in Oracle’s database, the company won’t change the code for fear of “regression.”
- April 24, 2012
Google increased the reward for a code execution bug to $20,000. Microsoft remains against a bug bounty.