- Assessments: Cheat Sheet for Creating Security Assessment Reports
There's surprisingly little online guidance about creating good security assessment reports. This one-page cheat sheet covers the general approach, data analysis, methodology documentation, scope...
- Tools: Using Pastebin Sites for Pen Testing Reconnaissance
Pastebin sites can aid penetration testing reconnaissance—stolen data, source code snippets, configuration details, and employee information often appear there. Tools like Pastebin Parser search...
- Assessments: Why Your Security Assessment Recommendations Get Ignored
Security assessment recommendations get ignored for several reasons: reports go unread due to poor writing or checkbox compliance, readers disbelieve findings that contradict their views, IT staff...
- Social Networking: Security Implications of the "Web" Becoming the "Social Web"
The web is becoming the social web—instant communication, public archives, mobile access, weak relationships. Security implications: business interactions occur outside corporate networks, data leaks...
- Assessments: Write a Strong Executive Summary for Your Security Assessment Report
Most readers only see the executive summary, so put key takeaways there. Make it understandable to non-technical executives, connect findings to business relevance like risks and compliance, keep it...
- Authentication: The Use of Pastebin for Sharing Stolen Data
Attackers use Pastebin for sharing stolen data because it's easy, handles large text, doesn't require registration, and doesn't proactively moderate. Trending pastes often include compromised...