vulnerability – I Am Security

Guest post: Why you need patch management

Jan 25, 2012

—

by

Today we have another guest post from our friends at GFI – this time on patch management (which unfortunately is one of the reasons that so many pentests are so easy to succeed in…) Every organization uses several types of software such as operating systems, servers, clients and many other third party applications. Every software…

7 Steps to consider when running a Vulnerability Assessment

Aug 1, 2011

—

by

iamit

in Guest post, Security Research

Today I’m proud to give this stage to some friends from GFI (have some good friends from the former Sunbelt guys that were acquired by GFI last year). Vanessa is our guest blogger, and she’s got a great post on how to run a more effective Vulnerability Assessment process in your organization. Do you…

The curious case of Dropbox security

Apr 13, 2011

—

by

iamit

in Opinion, Security Research

After the disclosure of the host_id authentication issues that plagued the popular Dropbox service last week, a new issue came up with the fact that Dropbox can detect whether the files you are trying to upload to their cloud already exist there, and “save you the bandwidth” of uploading it if they already have a…

Defining Penetration Testing

Mar 4, 2011

—

by

iamit

in Opinion, Security Research

I have been fortunate enough to be working with a group of peers from the security industry over the past few months (since November 2010) on finally creating a solid definition of what a penetration testing is. It has been a topic that has been abused, cannibalized, and lowered toÂ a level where we (as in…