New & Notable
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
Penetration testing, ethical hacking and vulnerability assessments News
January 04, 2018
Vendors released the vulnerability disclosures and patches for the new Meltdown and Spectre CPU attacks as the infosec industry begins mitigating risks.
November 21, 2017
Security researchers tested the controversial Intel Management Engine and other products, finding multiple Intel firmware vulnerabilities.
November 03, 2017
Security researchers competing at Mobile Pwn2Own 2017 used multiple vulnerabilities to hack iOS 11 in order to execute code and win prizes.
October 31, 2017
A security researcher earned more than $15,000 by finding three flaws in the Google Issue Tracker, aka Buganizer, which revealed details on unpatched vulnerabilities.
Penetration testing, ethical hacking and vulnerability assessments Get Started
Bring yourself up to speed with our introductory content
Here are five things you can do to successfully prepare and run authenticated vulnerability scanning and, in the end, achieve the most protection. Continue Reading
Get ready for the CISSP exam with this 10-question practice quiz covering key concepts in Domain 5, including access control, identity, authentication and more. Continue Reading
Vulnerability disclosure is the practice of publishing information about a computer security problem, and a type of policy that stipulates guidelines for doing so. Continue Reading
Evaluate Penetration testing, ethical hacking and vulnerability assessments Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
If unsafe computer systems scare the living daylights out of you, tune into this webinar on how to do authenticated vulnerability scans to avoid system damage. Continue Reading
With the proposal of the Active Cyber Defense Certainty Act, individuals would be able to 'hack back' when information is stolen. Matt Pascucci makes the case against the bill. Continue Reading
Insurance that covers data breaches and risk to consumers' personally identifiable information has been slow to catch on in the manufacturing sector. Here's why you might still need it. Continue Reading
Manage Penetration testing, ethical hacking and vulnerability assessments
Learn to apply best practices and optimize your operations.
A major SAML vulnerability was found in Slack that granted expired login credentials permission into the system. Matt Pascucci explains how this 'confused deputy' problem was handled. Continue Reading
Equifax's Apache Struts vulnerability was an example of a scan not being read correctly. Kevin Beaver explains vulnerability scans and how issues can be missed by security teams. Continue Reading
Cataclysmic security incidents highlight the importance of a vulnerability management program versus a patch management system. Here's how to implement a risk-based approach. Continue Reading
Problem Solve Penetration testing, ethical hacking and vulnerability assessments Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
The SQL Slammer worm has re-emerged to attack a vulnerability in Microsoft SQL Server 2000. Expert Nick Lewis explains what enterprises can do to manage out-of-date systems. Continue Reading
Static source code analysis, along with dynamic analysis and pen testing, can help strengthen your application security. Expert Kevin Beaver goes over the features to look out for. Continue Reading
Certain web security vulnerabilities evade detection due to oversight or carelessness. Expert Kevin Beaver discusses the top overlooked issues and how to address them. Continue Reading