Features

Features

Penetration testing, ethical hacking and vulnerability assessments

• Bugcrowd CTO explains crowdsourced security benefits and challenges

  In part two of this interview, Bugcrowd founder and CTO Casey Ellis discusses the value of crowdsourced vulnerability research, as well as some of the challenges.  Continue Reading

• Bugcrowd CTO on the need for responsible disclosure policy, 'good faith'

  Bugcrowd founder and CTO Casey Ellis talks about his concerns that the era of 'good faith' between security researchers and enterprises is in jeopardy.  Continue Reading

• The vulnerability management process after Equifax

  Cataclysmic security incidents highlight the importance of a vulnerability management program versus a patch management system. Here's how to implement a risk-based approach.  Continue Reading

• Passive Python Network Mapping

  In this excerpt from chapter two of Passive Python Network Mapping, author Chet Hosmer discusses securing your devices against network security threats.  Continue Reading

• When to take a bug bounty program public -- and how to do it

  Bug-finding programs are valuable to enterprises, but they require a lot of planning and effort to be effective. Sean Martin looks at what goes into taking a bug bounty program public.  Continue Reading

• Automated Security Analysis of Android and iOS Applications

  In this excerpt of Automated Security Analysis of Android and iOS Applications with Mobile Security Framework, authors Ajin Abraham and Henry Dalziel discuss mobile application penetration testing.  Continue Reading

• Information security book excerpts and reviews

  Visit the Information Security Bookshelf for book reviews and free chapter downloads.  Continue Reading

• Bug bounty programs narrow the crowd

  Data shows that more companies are moving away from crowdsourcing and adopting invitation-only awards programs. Do higher-quality submissions result?  Continue Reading

• Comparing the top vulnerability management tools

  Expert Ed Tittel compares how the top-rated vulnerability management tools measure up against each other so you can select the right one for your organization.  Continue Reading

• Seven criteria for buying vulnerability management tools

  Expert contributor Ed Tittel describes purchasing criteria for full-featured vulnerability management tools for small organizations to large enterprises.  Continue Reading

• The business case for vulnerability management tools

  Expert Ed Tittel describes business use cases for vulnerability management tools and examines how organizations of all sizes benefit from these products.  Continue Reading

• Introduction to vulnerability management tools

  Expert Ed Tittel explores how vulnerability management tools can help organizations of all sizes uncover defense weaknesses and close security gaps before they are exploited by attackers.  Continue Reading

• Hacking and Penetration Testing with Low Power Devices

  In this excerpt of Hacking and Penetration Testing with Low Power Devices, author Philip Polstra describes "The Deck" -- a custom Linux distribution -- that breaks the traditional penetration model by providing pen testers an OS that runs on ...  Continue Reading

• Choose the best vulnerability assessment tools

  This Buyer's Essentials guide helps InfoSec pros assess vulnerability management products by explaining how they work and by highlighting key features corporate buyers should look for so they can evaluate vendor offerings.  Continue Reading

• App security: Surviving the merger and acquisition process

  Some companies are trying to head off information security glitches before they sign on the dotted line, with help from security officers.  Continue Reading