In my last blog I wrote about the advantages and disadvantages of modern AppSec tooling and how penetration testing fits into a DevSecOps... continue reading
We recently hosted a conversation with Alex Stamos (former CSO at Facebook, co-founder of the Krebs Stamos Group, and advisor to SolarWinds),... continue reading
The US Supreme Court just handed down a 6-3 ruling narrowing the scope of the Computer Fraud and Abuse Act (CFAA). It sets a precedent that... continue reading
May 25, 2021 5:00:00 AM |
By
Claire Tills & Jason Hernandez
As we discussed in our prior post, scoping is an important precursor to a successful security test. We walked through several high-level questions... continue reading
Security certs are a hot topic in the security community. The pro-cert and anti-cert camps are both strongly opinionated about where they stand in... continue reading
It’s time for yet another edition of the Bishop Fox CVE digest (see our previous installment from January/February here). In case you missed the... continue reading
So you want to expand your hacking repertoire and to play around with different radio protocols aside from the more ubiquitous Wi-Fi and... continue reading
In the past, we’ve released a few lists of some of our favorite pen testing tools (which you can read here: Pen Testing Tools We're Thankful for... continue reading
FROM SHORTENED LINKS TO FULL COMPROMISE A key value of continuous testing through Continuous Attack Surface Testing (CAST) is having a team of... continue reading
There’s no shortage of books about security, and it can be difficult to determine which titles are worth your time. Security how-to books also run... continue reading
