🔥 Subscribe to Our Monthly Security Digest Newsletter
Over numerous Windows configuration review engagements that we have performed for our clients, we observed a common pattern in the configuration weaknesses that are worth […]
Read More →Business logic vulnerabilities have always been the elusive unicorn of the application security world that makes a clear business case for manual penetration testing in […]
Read More →This year at the RSA Conference HP officially released its annual Cyber Risk Report. This report is one among many industry reports that individuals and companies who […]
Read More →Late last year, I was in on a meeting where our Training team was gathering requirements for a Custom CBT to be built for a […]
Read More →Last month, a story ran on Dark Reading around why security awareness is useless. I cringe reading such stories because I believe that one fundamental problem […]
Read More →
It is easy to be skeptical about PCI Compliance and the requirement to deploy Training to satisfy a checklist item. This idea that a checklist approach […]
Read More →By Nima Dezhkam and Rohit Sethi Steve, the application security expert, walks into a room of his company’s senior developers. He projects a carefully prepared […]
Read More →Senior developers and architects often make decisions related to application performance or other areas that have significant ramifications on the security of the application for […]
Read More →When a wireless security assessment is performed, its goals typically include 1) identifying anomalies in the security configuration of the target organization’s wireless infrastructure, and […]
Read More →
Regulations and Standards Demand Robust Training When we talk about security training, we tend to think of regulations and compliance. In other words, we have […]
Read More →