As a SANS Subject Matter Expert, I often get asked for tips on how to pass GIAC certification exams. Here are some tips and tricks I have learned.
The CCPA give California residents a lot of rights regarding their digital privacy. Part 2 of a 3-part series.
The California Consumer Privacy Act (CCPA) is one of the strongest digital privacy laws in the US. Part 1 of a 3-part series.
There are testers who think I’m nutz for insisting that they sort any lists they include in their reports. Let me tell you my side of the story…
The OWASP Top 10 details critical risks associated with web application security and is the defacto standard for web app security.
A good pentest report is supposed to be a teaching tool that provides the folks on the receiving end with information that makes it possible for them to do a lot of the same things we did. Here are a few reasons why we want them to do that.
If you really, honestly, and truly want to take your reports to the next level, hire an editor.
If what you did does not show up in your pentest report, it didn’t happen. So how do you make sure your report captures everything you did? (First in a series of posts.)
The old adage, “knowledge is power,” is true in general, but in infosec, knowledge is mission critical. Luckily, there are a lot of tools to make recon easier.