Is Web App Penetration Testing Worth the Price?
The Fundamentals of Web App Penetration Testing A couple of blog posts ago we went through the fundamentals of Web Application Penetration Testing. We suggested that a web application penetration test is an assessment of the security of the code and the
The SolarWinds Sunburst Attack: How to Protect Yourself from 5th Generation Cyberattacks
Last week US government offices were targeted by one of the most sophisticated and severe attacks seen in history both because of the sophistication and scope. A series of mega cyber-attacks were launched and thus far it appears were conducted
The Fundamentals of Web App Penetration Testing
The Fundamentals of Web App Penetration Testing First, let’s start with what a Web App Penetration Test is and list the different names and service synonyms that you may see that typically mean the same thing as a web app penetration
Taking a Risk-Based Approach to Patch Management
Designing and Implementing a Risk-Based Patch Management Program In this blog post, we wanted to take an additional step into explaining the benefits of quality vulnerability management, vulnerability assessments and patch management. We have discussed the topic at your request in
The 5 Steps to Building a Zero Trust Network
The 5 Basic Steps to Building a Zero Trust Network Zero Trust is a network security model, based on a strict identity verification process. The framework dictates that only authenticated and authorized users and devices can access applications and data -
Security Leaders Grapple with Understanding Their Own Cybersecurity Risk – Part 2
Risk Management Comes Back into Focus – Part 2 In our last blog post, Security Leaders Grapple with Understanding Their Own Cybersecurity Risk – Part 1 we quoted a recent Forrester Survey which polled IT Security leaders on their ability to
Security Leaders Grapple with Understanding Their Own Cybersecurity Risk – Part 1
Risk Management Comes Back into Focus Less than 50% of IT Security leaders are able to measure or quantitatively understand their organization’s level of risk. According to a study published by Forrester, just 51% of the security pro’s that were surveyed
ZeroLogon Illustrates Importance of Vulnerability Management
ZeroLogon and the Importance of Vulnerability Management In this blog, we have written about regular security hygiene including executing regular vulnerability assessments and implementing a viable vulnerability management program. However, many security professionals see vulnerability management as a cumbersome set of
What You Need to Know About Vulnerability Assessments
How Vulnerability Assessments Differ Across Providers In our Vulnerability Management – A Best Practice blog post, we suggested vulnerability assessments were the process of scanning for and identifying possible vulnerabilities and risks within an organization’s systems. We further suggested that vulnerability
Why Organizations Are Moving to Managed Firewall and SIEM Solutions
Overcoming the Challenges of Firewall and SIEM Management This blog post is not a commercial for SecureOps; we have just worked with enough clients to know that tuning firewalls and managing SIEMs, particularly handling the hundreds, if not thousands of security