Penetration testing, ethical hacking and vulnerability assessments
In this security testing and ethical hacking guide, you will get info on how to conduct a vulnerability assessment of your network and IT environment with penetration testing and ethical hacking tools and software, ethical hacker training and certifications.
New & Notable
3 Ways SOAR Can Combat the Cybersecurity Skills Shortage
What are some of the strategies that your organization has implemented to help combat the cybersecurity skills gap? Mike Chapple, senior director of IT at University of Notre Dame explains how log processing, threat intelligence and account lifecycle management can help alleviate the shortage of qualified pros and have teams work smarter, not harder.
Penetration testing, ethical hacking and vulnerability assessments News
-
August 13, 2019
13
Aug'19
Google wants Project Zero to be part of an open alliance
After five years of running Project Zero, Google wants to expand the scope to an open alliance of vulnerability researchers all working toward the same goal to 'make 0day hard.'
-
August 08, 2019
08
Aug'19
Apple bug bounty expands to MacOS, offers $1 million iOS reward
Apple announced an expansion of its bug bounty program at Black Hat 2019, including rewards for MacOS vulnerabilities and a $1 million reward for a zero-click iOS exploit.
-
August 02, 2019
02
Aug'19
Cohesity CyberScan scans backup copies for security risks
Cohesity CyberScan uses Tenable.io to find security vulnerabilities in backup copies. Because the app is scanning backups, it doesn't affect performance of production environments.
-
May 22, 2019
22
May'19
Risk & Repeat: Cisco vulnerabilities raise backdoor concerns
This week's Risk & Repeat podcast looks at vulnerabilities in Cisco and Huawei products, which have raised concerns about backdoor access in networking equipment.
Penetration testing, ethical hacking and vulnerability assessments Get Started
Bring yourself up to speed with our introductory content
-
How to build an enterprise penetration testing plan
Simulating an attack against your network is one of the best ways to remediate security holes before the bad guys find them. Here, learn penetration testing basics and how it can help keep your enterprise safe. Continue Reading
-
Wireshark tutorial: How to use Wireshark to sniff network traffic
Learn how to use the Wireshark packet analyzer to monitor network traffic, as well as how to use the Wireshark packet sniffer for network traffic analysis and inspection. Continue Reading
-
Words to go: Email phishing security
IT teams must take precautionary measures to address cybersecurity awareness, particularly when it comes to email. Refer to this list of email security terms to mitigate risks. Continue Reading
Evaluate Penetration testing, ethical hacking and vulnerability assessments Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
-
UPnP vulnerability: How is the UPnP protocol being misused?
The UPnP protocol is being misused to distribute malware through home routers. Expert Michael Cobb explains the UPnP vulnerability and how to defend against it. Continue Reading
-
Use an authenticated vulnerability scan to find system flaws
If unsafe computer systems scare the living daylights out of you, tune into this webinar on how to do authenticated vulnerability scans to avoid system damage. Continue Reading
-
Active Cyber Defense Certainty Act: Should we 'hack back'?
With the proposal of the Active Cyber Defense Certainty Act, individuals would be able to 'hack back' when information is stolen. Matt Pascucci makes the case against the bill. Continue Reading
Manage Penetration testing, ethical hacking and vulnerability assessments
Learn to apply best practices and optimize your operations.
-
5 enterprise patch management best practices
It might not be the most exciting of responsibilities, but the value of enterprise patch management cannot be denied. Review these best practices to build a smooth patching process. Continue Reading
-
5-step checklist for web application security testing
This five-step approach to web application security testing with documented results will help keep your organization's applications free of flaws. Continue Reading
-
How can an authentication bypass vulnerability be exploited?
A vulnerability was found in Western Digital's My Cloud NAS device that can be easily exploited by hackers. Discover what this vulnerability is and how users can be protected. Continue Reading
Problem Solve Penetration testing, ethical hacking and vulnerability assessments Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
-
What's the best way to prevent XSS attacks?
To prevent cross-site scripting attacks, software developers must validate user input and encode output. Review characters to filter out, as well as sources and sinks to avoid. Continue Reading
-
Tenable CEO Amit Yoran wants to stop 'cyber helplessness'
This week's Risk & Repeat podcast features Tenable CEO Amit Yoran, who discusses what he calls 'cyber helplessness' and how the mentality is infecting enterprises. Continue Reading
-
How did the Dirty COW exploit get shipped in software?
An exploit code for Dirty COW was accidentally shipped by Cisco with product software. Learn how this code ended up in a software release and what this vulnerability can do. Continue Reading