security testing


security testing Blogs

  • Vulnerability management: not just for scanning known vulnerabilities

    Posted April 8, 2011 - 3:16 pm

    Proactively searching and fixing the unknown zero-day vulnerabilities saves time and money for everyone. And it is easy! Proactive testing is the most effective form of vulnerability management, because the earlier vulnerabilities are discovered, the easier and cheaper it is to fix them. Do not wait for the hackers to find the vulnerabilities!
  • Vulnerability Disclosure: Is it Blackmail, Whitemail or Bluemail

    Posted July 23, 2009 - 4:25 pm

    Hackers (or security researchers) come with a range of rainbow colored hats. Some guys'n'gals are nice (the White Hats). They find and disclose problems in communication products using approved responsible disclosure models. Others are in the business for money, and are not satisfied by the fame they get for disclosing problems. The process can easily get close to what some would consider unethical, or even direct blackmailing.
  • Fuzzing and Product Security

    Posted March 18, 2009 - 4:40 am

    Finally, some real data on the usage of fuzzing is emerging. Who is using fuzzing? How do people see fuzzing being used in the product security process? Forrester has included questions regarding use of fuzzing in to their questionnaire that they send to key industry CIOs, CSOs and CISOs. Security companies such as Cigital are publishing their findings. I have talked with these organizations and will be discussing my findings in this blog and the upcoming webinar.
Join us:






Join today!

See more content
Ask a Question