What I need from pen test reports.
I get a lot of pen test reports to read. They vary from beautifully crafted prose extolling the skilled exploitation of the system by security testing artistes to functional dumps of tool output into a...
View ArticleHow to develop a security test strategy, part one
This is the first of a series of posts describing how to put together a security testing strategy and the associated test plans. Part two is here and part three is here.What is a security test...
View ArticleHow to develop a security test strategy, part two
This is the second in a series of posts describing how to put together a security testing stategy and the associated test plans. Part one is here and part three is here.What do you need to write a...
View ArticleHow to develop a security test strategy, part three
This is the third in a series of posts describing how to put together a security testing stategy and the associated test plans. Part one is here and part two is here.This is what I want to see covered...
View ArticleMaking sense of pen testing, part one
This is the first in a series of posts looking at the current state of pen testing as I see it and presenting some ideas for the future. In this post I will apply a framework to understanding the...
View ArticleMaking sense of pen testing, part two
This is the second in a series of posts looking at the current state of pen testing as I see it and presenting some ideas for the future. Part one is available here.In this post I will explore some of...
View Article
