This is the second and final post in our series about zero-day vulnerabilities we discovered in NfSen and AlienVault OSSIM. If you missed the first post, please click here to read about how our discovery of one zero-day vulnerability led to another three being discovered. As part of our responsible disclosure policy we contacted the vendors and assisted them with the process of developing patches.
How you respond to any incident can have a dramatic effect on the overall outcome and its potential on going impact. Over this two-part series Foregenix will look to answer the question – “How well will you respond when it really matters?” covering Incident Response and the often-overlooked gap that is ‘Intrusion detection’ or as we like to call it ‘Incident Readiness.’
Historically, customers have used penetration testing to test the security of their infrastructure from an external or internal perspective. For a long time, this has been the ‘de facto’ standard to test for security vulnerabilities. However, we (penetration testers), have been aware for quite some time that this is not the full story.
Women’s representation in Cybersecurity is often a topic of discussion. As we speak, RSA Conference is being criticized for its lack of female keynote speakers with hundreds of Tech firms backing a rival event which promises to feature more women.
To defend against most online threats, you need to invest heavily in third party software to keep your eCommerce environment on lock down. You can have the best security systems in the world, but one well placed social engineering attack can undo all of your hard work and render your investment useless. Being aware of what social engineering is and the potential impact it can have on your business is critical to keeping your customers safe.
This is the second and final post in our series about zero-day vulnerabilities we discovered in NfSen and AlienVault OSSIM. If you missed the first post, please click here to read about how our discovery of one zero-day vulnerability led to another three being discovered. As part of our responsible disclosure policy we contacted the vendors and assisted them with the process of developing patches.
How you respond to any incident can have a dramatic effect on the overall outcome and its potential on going impact. Over this two-part series Foregenix will look to answer the question – “How well will you respond when it really matters?” covering Incident Response and the often-overlooked gap that is ‘Intrusion detection’ or as we like to call it ‘Incident Readiness.’
Historically, customers have used penetration testing to test the security of their infrastructure from an external or internal perspective. For a long time, this has been the ‘de facto’ standard to test for security vulnerabilities. However, we (penetration testers), have been aware for quite some time that this is not the full story.
Women’s representation in Cybersecurity is often a topic of discussion. As we speak, RSA Conference is being criticized for its lack of female keynote speakers with hundreds of Tech firms backing a rival event which promises to feature more women.
To defend against most online threats, you need to invest heavily in third party software to keep your eCommerce environment on lock down. You can have the best security systems in the world, but one well placed social engineering attack can undo all of your hard work and render your investment useless. Being aware of what social engineering is and the potential impact it can have on your business is critical to keeping your customers safe.
