Security Testing and Ethical Hacking

MUST READ How security audits, vulnerability assessments and penetration tests differ EXPERT ANSWER - A lot of people use the words security audit, vulnerability assessment and penetration test interchangeably. Can you explain the differences between them so I'll know which term to use at the right time? Ethical hacking techniques for standard penetration testing EXPERT ANSWER - I recently did a penetration test for one of our company's partners, only to find out that management had not obtained written permission from the partner for the test to be performed. The partner reported that they'd been ...

VIDEO: 1 - 2 of 2

	How to perform Microsoft Baseline Security Analyzer (MBSA) scans SearchSecurity.com | 27 Apr 2009 VIDEO - This month, Peter Giannoulis of TheAcademyPro.com and TheAcademyHome.com offers an overview of the free Microsoft Baseline Security Analyzer.

	L0phtCrack returns SearchSecurity.com | 12 Mar 2009 VIDEO - Security expert Chris Wysopal explains why the L0phtCrack password cracking tool was unveiled once again after Symantec discontinued sales of L0phtCrack in 2006.

	VIEW ALL VIDEO ON SECURITY TESTING AND ETHICAL HACKING

NEWS: 1 - 3 of 35

	H.D. Moore speaks about Metasploit Project deal, Release 3.3 SearchSecurity.com | 17 Nov 2009 INTERVIEW - Founder talks about the community's reaction to the Rapid7 acquisition, big changes in the latest Metasploit Framework release and what the future might hold.

	Metasploit Project acquired by vulnerability management firm Rapid7 SearchSecurity.com | 21 Oct 2009 ARTICLE - The popular Metasploit Framework remains a free and open source hacking tool. Creator HD Moore joins Rapid7 as CSO, Metasploit architect.

	Security testing firm uncovers XML vulnerabilities SearchSecurity.com | 06 Aug 2009 ARTICLE - Codenomicon finds critical flaws in widely used XML libraries that could lead to denial of service attacks or injection of malicious code.

	VIEW ALL NEWS ON SECURITY TESTING AND ETHICAL HACKING

EXPERT TECHNICAL ADVICE: 1 - 3 of 34

SECURITY TESTING AND ETHICAL HACKING EXPERTS
			Michael Cobb, featured expert Founder and Managing Director, Cobweb Applications Ltd. ASK A QUESTION

	What to do with network penetration test results 01 Feb 2010 TIP - It takes a lot of time and effort to plan and conduct an enterprise network penetration test, but the work doesn't stop there.

	Does an EULA make it truly illegal to decompile software? 28 Aug 2009 EXPERT ANSWER - Michael Cobb explores a legal minefield: the legality of software decompilation.

	Should management processes change based on a patch release schedule? 28 Aug 2009 EXPERT ANSWER - Expert Michael Cobb explains why planned patch release schedules, though helpful, may alter they way you handle the deployment of your own updates.

	VIEW ALL EXPERT TECHNICAL ADVICE ON SECURITY TESTING AND ETHICAL HACKING

REFERENCE & LEARNING: 1 - 3 of 6

	Information security book excerpts and reviews SearchSecurity.com | 07 Dec 2009 INFORMATION SECURITY BOOKSHELF - Visit the Information Security Bookshelf for book reviews and free chapter downloads.

	Screencast: Google hacking, infosec style SearchSecurity.com | 28 Aug 2007 SCREENCAST - In this exclusive screencast step-by-step demo, Tom Bowers explains how to ensure an organization's intellectual property doesn't fall into the wrong hands.

	Quiz: What's your infosec IQ? SearchSecurity.com | 13 Oct 2005 SECURITY QUIZ - Test your information security IQ with this short quiz.

	VIEW ALL REFERENCE & LEARNING ON SECURITY TESTING AND ETHICAL HACKING

MAGAZINE CONTENT (free subscription required): 1 - 3 of 17

	Attackers zero in on Web application vulnerabilities Information Security Magazine | 02 Feb 2010 FEATURES - Secure coding and vulnerability scanning could mitigate many Web application attacks

	The Pipe Dream of No More Free Bugs Information Security Magazine | 07 May 2009 COLUMNS - Security researchers have declared they want vendors to compensate them for their independent search for vulnerabilities.

	Security Services: QualysGuard Security and Compliance Suite Information Security Magazine | 01 Jun 2008 HOT PICK & PRODUCT REVIEWS - At Your Service

	VIEW ALL MAGAZINE CONTENT ON SECURITY TESTING AND ETHICAL HACKING

WEBCASTS: 1 - 2 of 2

Penetration Testing: Taking the Guess Work Out of Vulnerability Management - Vendor Webcast VIEW WEBCAST PREMIERED:   13 OCT 2005, 09:00 EDT (13:00, GMT) SUMMARY:   Register for this free Webcast and learn how penetration testing software picks up where "scan and identify" products leave off and how it efficiently and easily identify the real risks and implications of vulnerabilities in your network.

	Five must-have hacker tools for the security admin - Expert Webcast VIEW WEBCAST PREMIERED:   10 NOV 2004, 12:00 EST (17:00, GMT) SUMMARY:   The security administrator with the intent to secure his organization's network can benefit from the very same tools used by his foes to wreak havoc. Learn how in this webcast.

	VIEW ALL WEBCASTS ON SECURITY TESTING AND ETHICAL HACKING

DEFINITIONS: 1 - 3 of 8

	Cyber Storm 15 Feb 2006 WORD - Cyber Storm is the name of a simulated attack exercise conducted by the U.S. Department of Homeland Security (DHS) between February 6-10, 2006 to evaluate the performance of various public and private organizations. The ...

	honeynet 17 Aug 2004 WORD - A honeynet is a network set up with intentional vulnerabilities; its purpose is to invite attack, so that an attacker's activities and methods can be studied and that information used to increase network security. A honeynet ...

	ethical hacker 28 Sep 2003 WORD - An ethical hacker is a computer and network expert who attacks a security system on behalf of its owners, seeking vulnerabilities that a malicious hacker could exploit. To test a security system, ethical hackers use the same ...

	VIEW ALL DEFINITIONS ON SECURITY TESTING AND ETHICAL HACKING

	SEE ALSO - Topics Related to Security Testing and Ethical Hacking:  Configuration Management Planning, Vulnerability Risk Assessment, Security Patch Management