Penetration testing, ethical hacking and vulnerability assessments
In this security testing and ethical hacking guide, you will get info on how to conduct a vulnerability assessment of your network and IT environment with penetration testing and ethical hacking tools and software, ethical hacker training and certifications.
New & Notable
Penetration testing, ethical hacking and vulnerability assessments News
-
June 16, 2021
16
Jun'21
Zscaler: Exposed servers, open ports jeopardizing enterprises
Zscaler analyzed 1,500 networks and found administrators are leaving basic points of entry wide open for attackers as neglected servers are falling by the wayside.
-
June 15, 2021
15
Jun'21
Apple issues patches for two more WebKit zero-days
Apple said both WebKit zero-days, which affect older iOS devices, have reportedly been exploited in the wild, but further details about the threat activity are unknown.
-
June 08, 2021
08
Jun'21
CISA taps Bugcrowd for federal vulnerability disclosure program
The new program follows a CISA directive from September that requires executive branch agencies to create and publish vulnerability disclosure policies.
-
June 07, 2021
07
Jun'21
Hackers vs. lawyers: Security research stifled in key situations
The age-old debate between sharing information or covering legal liability is a growing issue in everything from bug bounties to disclosing ransomware attacks.
Penetration testing, ethical hacking and vulnerability assessments Get Started
Bring yourself up to speed with our introductory content
-
How to get started with security chaos engineering
Introducing security chaos engineering: the latest methodology security teams can implement to proactively discover vulnerabilities or weaknesses in a company's system. Continue Reading
-
threat modeling
Threat modeling is a procedure for optimizing application, system or business process security by identifying objectives and vulnerabilities, and then defining countermeasures to prevent or mitigate the effects of threats to the system. Continue Reading
-
ethical hacker
An ethical hacker, or white hat hacker, is an information security expert authorized by an organization to penetrate computing infrastructure to find security vulnerabilities a malicious hacker could exploit. Continue Reading
Evaluate Penetration testing, ethical hacking and vulnerability assessments Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
-
Applying web application reconnaissance to offensive hacking
Learn how to apply web application reconnaissance fundamentals to improve both offensive and defensive hacking skills in an excerpt of 'Web Application Security' by Andrew Hoffman. Continue Reading
-
Collaboration is key to a secure web application architecture
Author Andrew Hoffman explains the importance of a secure web application architecture and how to achieve it through collaboration between software and security engineers. Continue Reading
-
How to perform a cybersecurity risk assessment, step by step
This five-step framework for performing a cybersecurity risk assessment will help your organization prevent and reduce costly security incidents and avoid compliance issues. Continue Reading
Manage Penetration testing, ethical hacking and vulnerability assessments
Learn to apply best practices and optimize your operations.
-
How to handle social engineering penetration testing results
In the wake of conducting social engineering penetration testing, companies need to have a plan ready to prevent or minimize phishing, vishing and other attacks. Continue Reading
-
How to ethically conduct pen testing for social engineering
Author Joe Gray explores his interest in pen testing for social engineering, what it means to be an ethical hacker and how to get started in the career. Continue Reading
-
5 cybersecurity testing areas CISOs need to address
With increasing board interest in cybersecurity risk, CISOs need to explain the preventive steps they are taking to have the right cybersecurity testing in place to minimize risk. Continue Reading
Problem Solve Penetration testing, ethical hacking and vulnerability assessments Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
-
5 cybersecurity lessons from the SolarWinds breach
Ransomware attack simulations, accessing enterprise logs and pen testing software code are among the best practices cybersecurity pros suggest following the SolarWinds breach. Continue Reading
-
Hands-on guide to S3 bucket penetration testing
Attention AWS pen testers: The trick to understanding the indicators of AWS S3 bucket vulnerabilities is setting up an insecure bucket. Learn how in this actionable guide. Continue Reading
-
How to handle Amazon S3 bucket pen testing complexity
Security researcher Benjamin Caudill shares details from his book, 'Hands-On AWS Penetration Testing with Kali Linux,' and advice on Amazon S3 bucket pen testing for ethical hackers. Continue Reading