Penetration testing, ethical hacking and vulnerability assessments

In this security testing and ethical hacking guide, you will get info on how to conduct a vulnerability assessment of your network and IT environment with penetration testing and ethical hacking tools and software, ethical hacker training and certifications.

New & Notable

Download this free guide

Your Guide to Info Sec Certifications

We’ve collected 30+ certifications for you. Which vendor-neutral and vendor-specific security certifications are best for you? Save time by downloading our list organized by experience level.

Corporate E-mail Address:
You forgot to provide an Email Address.
This email address doesn’t appear to be valid.
This email address is already registered. Please login.
You have exceeded the maximum character limit.
Please provide a Corporate E-mail Address.
- I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.
Please check the box if you want to proceed.
- I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.
Please check the box if you want to proceed.

Penetration testing, ethical hacking and vulnerability assessments News

August 09, 2018 09 Aug'18
Risk & Repeat: Can Disclose.io help protect vulnerability researchers?

In this week's Risk & Repeat podcast, SearchSecurity editors discuss the Disclose.io project and what it could mean for the future of security research and vulnerability disclosure.
August 07, 2018 07 Aug'18
Bugcrowd CTO explains crowdsourced security benefits and challenges

In part two of this interview, Bugcrowd founder and CTO Casey Ellis discusses the value of crowdsourced vulnerability research, as well as some of the challenges.
August 02, 2018 02 Aug'18
Black Hat 2018 conference coverage

The SearchSecurity team covers the latest threats and vulnerabilities featured at this year's Black Hat USA with news, interviews and more from Las Vegas.
July 31, 2018 31 Jul'18
Bugcrowd CTO on the need for responsible disclosure policy, 'good faith'

Bugcrowd founder and CTO Casey Ellis talks about his concerns that the era of 'good faith' between security researchers and enterprises is in jeopardy.

View All News

Penetration testing, ethical hacking and vulnerability assessments Get Started

Bring yourself up to speed with our introductory content

honeypot (honey pot)

A honeypot is a computer system that is set up to act as a decoy to lure cyberattacks and to detect, deflect, or study attempts to gain unauthorized access to information systems. Continue Reading
vulnerability assessment (vulnerability analysis)

A vulnerability assessment is the process of defining, identifying, classifying and prioritizing vulnerabilities in computer systems, applications and network infrastructures and providing the organization doing the assessment with the necessary ... Continue Reading
white hat

A white hat hacker is an individual who uses hacking skills to identify security vulnerabilities in hardware, software or networks. Continue Reading

View All Get Started

Evaluate Penetration testing, ethical hacking and vulnerability assessments Vendors & Products

Weigh the pros and cons of technologies, products and projects you are considering.

UPnP vulnerability: How is the UPnP protocol being misused?

The UPnP protocol is being misused to distribute malware through home routers. Expert Michael Cobb explains the UPnP vulnerability and how to defend against it. Continue Reading
Use an authenticated vulnerability scan to find system flaws

If unsafe computer systems scare the living daylights out of you, tune into this webinar on how to do authenticated vulnerability scans to avoid system damage. Continue Reading
Active Cyber Defense Certainty Act: Should we 'hack back'?

With the proposal of the Active Cyber Defense Certainty Act, individuals would be able to 'hack back' when information is stolen. Matt Pascucci makes the case against the bill. Continue Reading

View All Evaluate

Manage Penetration testing, ethical hacking and vulnerability assessments

Learn to apply best practices and optimize your operations.

Drupalgeddon 2.0: Why is this vulnerability highly critical?

A recently discovered Drupal vulnerability in its open source CMS allowed attackers to control websites. Learn how almost one million sites were affected with Michael Cobb. Continue Reading
Golden SAML: How can it abuse SAML authentication protocol?

CyberArk researchers created an attack called Golden SAML that uses Mimikatz techniques and applied it to a federated environment. Learn more about the attack with Nick Lewis. Continue Reading
AVGater vulnerability: How are antivirus products impacted?

A security researcher recently discovered a new vulnerability -- the AVGater vulnerability -- that puts antivirus products at risk. Discover how this vulnerability works with Nick Lewis. Continue Reading

View All Manage

Problem Solve Penetration testing, ethical hacking and vulnerability assessments Issues

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

How does SirenJack put emergency warning systems at risk?

Bastille researchers created the SirenJack proof of concept to show how a vulnerability could put San Francisco's emergency warning system at risk. Judith Myerson explains how it works. Continue Reading
How does the KRACK vulnerability use encryption keys?

The KRACK vulnerability was found in the WPA2 protocol for wireless networks and it enables attackers to crack encrypted connections. Learn how it works from Nick Lewis. Continue Reading
Addressing vulnerable web systems that are often overlooked

Web security vulnerability scanners often focus on large applications within the enterprise. However, there are plenty of overlooked web systems that contain hidden flaws. Continue Reading

View All Problem Solve