Get started
Bring yourself up to speed with our introductory content.
Penetration testing ethical hacking and vulnerability assessments
honeypot (honey pot)
A honeypot is a computer system that is set up to act as a decoy to lure cyberattacks and to detect, deflect, or study attempts to gain unauthorized access to information systems. Continue Reading
vulnerability assessment (vulnerability analysis)
A vulnerability assessment is the process of defining, identifying, classifying and prioritizing vulnerabilities in computer systems, applications and network infrastructures and providing the organization doing the assessment with the necessary ... Continue Reading
white hat
A white hat hacker is an individual who uses hacking skills to identify security vulnerabilities in hardware, software or networks. Continue Reading
-
Get great results from authenticated vulnerability scanning
Here are five things you can do to successfully prepare and run authenticated vulnerability scanning and, in the end, achieve the most protection. Continue Reading
CISSP Domain 5 quiz: Types of access control systems
Get ready for the CISSP exam with this 10-question practice quiz covering key concepts in Domain 5, including access control, identity, authentication and more. Continue Reading
vulnerability disclosure
Vulnerability disclosure is the practice of publishing information about a computer security problem, and a type of policy that stipulates guidelines for doing so.Continue Reading
How does a private bug bounty program compare to a public program?
Explore the differences of public versus private bug bounty programs, as well as the benefits of each one. Expert Mathew Pascucci explains the risk and return of both programs.Continue Reading
black hat
Black hat refers to a hacker who breaks into a computer system or network with malicious intent. A black hat hacker may exploit security vulnerabilities for monetary gain; to steal or destroy private data; or to alter, disrupt or shut down websites ...Continue Reading
application whitelisting
Application whitelisting is the practice of identifying applications that have been deemed safe for execution and restricting all other applications from running.Continue Reading
What advanced security analysis tools are and how they work
The security analysis tools that provide advanced analytics are essential to counter the latest threats to enterprise systems and data. These products gather and analyze data from many different sources within an organization, and they provide ...Continue Reading
-
When to take a bug bounty program public -- and how to do it
Bug-finding programs are valuable to enterprises, but they require a lot of planning and effort to be effective. Sean Martin looks at what goes into taking a bug bounty program public.Continue Reading
Automated Security Analysis of Android and iOS Applications
In this excerpt of Automated Security Analysis of Android and iOS Applications with Mobile Security Framework, authors Ajin Abraham and Henry Dalziel discuss mobile application penetration testing.Continue Reading
Best practices for an information security assessment
Information security assessments can be effective for identifying and fixing issues in your enterprise's policies. Expert Kevin Beaver explains the key components of the process.Continue Reading
Gula talks Nessus agents and Nessus cloud
Video: SearchSecurity spoke with Tenable co-founder Ron Gula about recent additions to the Nessus feature set, including a version that lives in the cloud.Continue Reading
Six areas of importance in the PCI Penetration Testing Guidance
Complying with PCI penetration testing mandates has always been a challenge for enterprises. Expert Kevin Beaver discusses the recently released PCI SSC pen testing guidance and how it can help enterprises overcome their PCI woes.Continue Reading