Get started
Bring yourself up to speed with our introductory content.
Penetration testing ethical hacking and vulnerability assessments
pen test (penetration testing)
Penetration testing, also called pen testing or ethical hacking, is the practice of testing a computer system, network or web application to find security vulnerabilities that an attacker could exploit. Continue Reading
honeypot (computing)
A honeypot is a network-attached system set up as a decoy to lure cyberattackers and to detect, deflect or study hacking attempts in order to gain unauthorized access to information systems. Continue Reading
Wireshark tutorial: Using Wireshark to sniff network traffic
Learn to use the Wireshark protocol analyzer to monitor network traffic, as well as how to use the Wireshark packet sniffer to inspect and analyze network traffic. Continue Reading
-
ethical hacker
An ethical hacker, also referred to as a white hat hacker, is an information security expert who systematically attempts to penetrate a computer system, network, application or other computing resource on behalf of its owners -- and with their ... Continue Reading
vulnerability assessment (vulnerability analysis)
A vulnerability assessment is the process of defining, identifying, classifying and prioritizing vulnerabilities in computer systems, applications and network infrastructures and providing the organization doing the assessment with the necessary ... Continue Reading
white hat
A white hat hacker is an individual who uses hacking skills to identify security vulnerabilities in hardware, software or networks.Continue Reading
Get great results from authenticated vulnerability scanning
Here are five things you can do to successfully prepare and run authenticated vulnerability scanning and, in the end, achieve the most protection.Continue Reading
CISSP Domain 5 quiz: Types of access control systems
Get ready for the CISSP exam with this 10-question practice quiz covering key concepts in Domain 5, including access control, identity, authentication and more.Continue Reading
vulnerability disclosure
Vulnerability disclosure is the practice of publishing information about a computer security problem, and a type of policy that stipulates guidelines for doing so.Continue Reading
How does a private bug bounty program compare to a public program?
Explore the differences of public versus private bug bounty programs, as well as the benefits of each one. Expert Mathew Pascucci explains the risk and return of both programs.Continue Reading
-
black hat
Black hat refers to a hacker who breaks into a computer system or network with malicious intent. A black hat hacker may exploit security vulnerabilities for monetary gain; to steal or destroy private data; or to alter, disrupt or shut down websites ...Continue Reading
application whitelisting
Application whitelisting is the practice of identifying applications that have been deemed safe for execution and restricting all other applications from running.Continue Reading
What advanced security analysis tools are and how they work
The security analysis tools that provide advanced analytics are essential to counter the latest threats to enterprise systems and data. These products gather and analyze data from many different sources within an organization, and they provide ...Continue Reading
When to take a bug bounty program public -- and how to do it
Bug-finding programs are valuable to enterprises, but they require a lot of planning and effort to be effective. Sean Martin looks at what goes into taking a bug bounty program public.Continue Reading
Automated Security Analysis of Android and iOS Applications
In this excerpt of Automated Security Analysis of Android and iOS Applications with Mobile Security Framework, authors Ajin Abraham and Henry Dalziel discuss mobile application penetration testing.Continue Reading