Penetration testing, ethical hacking and vulnerability assessments

In this security testing and ethical hacking guide, you will get info on how to conduct a vulnerability assessment of your network and IT environment with penetration testing and ethical hacking tools and software, ethical hacker training and certifications.

New & Notable

Download this free guide

Your Guide to Info Sec Certifications

We’ve collected 30+ certifications for you. Which vendor-neutral and vendor-specific security certifications are best for you? Save time by downloading our list organized by experience level.

Corporate E-mail Address:
You forgot to provide an Email Address.
This email address doesn’t appear to be valid.
This email address is already registered. Please login.
You have exceeded the maximum character limit.
Please provide a Corporate E-mail Address.
- I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.
Please check the box if you want to proceed.
- I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.
Please check the box if you want to proceed.

Penetration testing, ethical hacking and vulnerability assessments News

April 20, 2018 20 Apr'18
Keeper Security forms vulnerability disclosure program with Bugcrowd

Following its controversial lawsuit against an Ars Technica security reporter, Keeper Security has teamed with Bugcrowd on a formal vulnerability disclosure program.
April 19, 2018 19 Apr'18
Moussouris: Bug bounty programs need to avoid jumping the shark

Bug bounty programs may seem to offer salvation at a bargain price for securing networks and systems, but Katie Moussouris offers tips for avoiding major pitfalls.
March 09, 2018 09 Mar'18
Tenable introduces Lumin cyber exposure platform

Tenable.io Lumin enables organizations to gauge their 'cyber exposure' to vulnerabilities and allows them to compare remediation efforts against industry benchmark data.
January 26, 2018 26 Jan'18
Intel Spectre vulnerability memo raises questions of OEM disclosures

Intel first learned of the Spectre vulnerabilities on June 1, but a confidential document shows the chipmaker didn't inform OEM partners until almost six months later.

View All News

Penetration testing, ethical hacking and vulnerability assessments Get Started

Bring yourself up to speed with our introductory content

vulnerability assessment (vulnerability analysis)

A vulnerability assessment is the process of defining, identifying, classifying and prioritizing vulnerabilities in computer systems, applications and network infrastructures and providing the organization doing the assessment with the necessary ... Continue Reading
white hat

A white hat hacker is an individual who uses hacking skills to identify security vulnerabilities in hardware, software or networks. Continue Reading
Get great results from authenticated vulnerability scanning

Here are five things you can do to successfully prepare and run authenticated vulnerability scanning and, in the end, achieve the most protection. Continue Reading

View All Get Started

Evaluate Penetration testing, ethical hacking and vulnerability assessments Vendors & Products

Weigh the pros and cons of technologies, products and projects you are considering.

Use an authenticated vulnerability scan to find system flaws

If unsafe computer systems scare the living daylights out of you, tune into this webinar on how to do authenticated vulnerability scans to avoid system damage. Continue Reading
Active Cyber Defense Certainty Act: Should we 'hack back'?

With the proposal of the Active Cyber Defense Certainty Act, individuals would be able to 'hack back' when information is stolen. Matt Pascucci makes the case against the bill. Continue Reading
Why passing on cyber-risk insurance could be a big mistake

Insurance that covers data breaches and risk to consumers' personally identifiable information has been slow to catch on in the manufacturing sector. Here's why you might still need it. Continue Reading

View All Evaluate

Manage Penetration testing, ethical hacking and vulnerability assessments

Learn to apply best practices and optimize your operations.

Marcus Ranum decodes hardware vulnerabilities with Joe Grand

Computer hardware designs with dangerous security flaws? That's no surprise to renowned hardware hacker Grand. Continue Reading
Confused deputy: How did the vulnerability affect Slack?

A major SAML vulnerability was found in Slack that granted expired login credentials permission into the system. Matt Pascucci explains how this 'confused deputy' problem was handled. Continue Reading
Vulnerability scans: How effective are they for web apps?

Equifax's Apache Struts vulnerability was an example of a scan not being read correctly. Kevin Beaver explains vulnerability scans and how issues can be missed by security teams. Continue Reading

View All Manage

Problem Solve Penetration testing, ethical hacking and vulnerability assessments Issues

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

Addressing vulnerable web systems that are often overlooked

Web security vulnerability scanners often focus on large applications within the enterprise. However, there are plenty of overlooked web systems that contain hidden flaws. Continue Reading
A Windows vulnerability scan should leave no stones unturned

When it comes to scanning for vulnerabilities in Windows, IT pros need to run both authenticated and unauthenticated scans so they can see the deployment from every angle. Continue Reading
SQL Slammer worm returns: How risky is it for enterprises?

The SQL Slammer worm has re-emerged to attack a vulnerability in Microsoft SQL Server 2000. Expert Nick Lewis explains what enterprises can do to manage out-of-date systems. Continue Reading

View All Problem Solve