Security Testing Case Studies
Learn Shorebreak Security’s new vulnerability management service Lifeguard, is helping customers narrow the gap between vulnerability exposure and vulnerability remediation. Learn how Shorebreak’s team of expert penetration testers were able to take over a city and a Federal government laboratory.
Core Competencies of a Professional Penetration Tester
Unlike the attacker we emulate, we need to be able to present solutions to the problems we find. Here are what we feel are the core competencies necessary to be a professional penetration tester.
What is a Penetration Test?
It’s hard to find an accurate definition of a penetration test, but we can tell you how we view and a penetration test, so let’s get started. Firstly, we would like to acknowledge the awesome work done by the VERIS team in establishing a framework and common language for security incident event reporting. It’s critical that the security community […]
The Difference Between a Vulnerability Assessment and a Penetration Test
What’s the Difference? The purpose of this post is to explain some differences between a vulnerability assessment and a penetration test so you know what to expect when you purchase either service. The primary difference between a penetration test and a vulnerability assessment is that a vulnerability assessment is threat-agnostic. Where a penetration test focuses on […]
3 Tips on How to Get the Most Out of a Penetration Test
We hope that this post helps you get the most out of your next penetration test. 1) Refine and Communicate the Purpose Why are you doing the penetration test? Is it to meet a specific compliance requirement, or is it to test your security and determine risk. If it’s both, you’re likely going to have […]
5 Questions to Ask a Prospective Penetration Test Company
The purpose of this article is empower you to ask the right questions of a company that you are considering hiring for a penetration test. Unfortunately, there are a lot of companies and people that offer penetration testing, but in reality, they often do little more than vulnerability scanning. On one hand, you may get […]