Pen testing has always been viewed by IT security and data governance professionals as something of an audit exercise, with the pen tester undertaking a series of prescribed and planned tests, then reporting back to the IT security manager – or client management professional – in a report format, complete with recommendations. Dr. Philip A. Polstra, Sr, a Professor in…
Vivek Ramachandran is perhaps best-known for his work on wifi security: he is, after all, the author of BackTrack 5 Wireless Penetration Testing. He’s also the founder and CEO of SecurityTube, which provides online security training. At Black Hat Europe 2013, however, his focus was elsewhere. Vivek presented a workshop on pen-testing…
Offensive Security used Black Hat Europe in Amsterdam to launch the next incarnation of its popular pen-testing Linux distribution. BackTrack has now become Kali – a name derived from a warlike god or an African word meaning ‘hot’ or ‘fierce’ – take your pick. It represents a somewhat surprising change in direction….
It’s a depressing fact that, sometimes, the very defences you put in place to protect your organisation can become the weakest point. In a presentation at Black Hat Europe, Ben Williams, a pen-tester with NCC Group, showed that many security products have flaws that can be exploited by attackers. It’s actually the second such presentation he’s given. The first was…
The ContraRisk crew is in chilly Amsterdam for Black Hat Europe 2013. And to get our coverage of the event rolling, we start with an old favourite – SQL injection (SQLi). Sumit ‘sid’ Siddharth, head of penetration testing for 7Safe (now part of PA Consulting), is a regular at security conferences, running…