by Nikos Vassakis | Nov 16, 2012
Having a secure web application is obviously in the best interest of the business. However, in many cases the developing is done without security in mind. Understandably time-to-market is an important factor for a business but a layered security approach will be more...
by secforce | Feb 23, 2011
One of the questions that we get from time to time is “Why should I conduct a penetration test?†Undoubtedly every business works in a different way and the value of conducting a penetration test varies in each case. Some businesses might manage IT security in a...
by secforce | Feb 23, 2009
We face this kind of issue everyday. There are two different approaches to web application penetration tests: An increasingly number of companies are buying automatic web scanners, run them, generate some results and put them in a report-shaped tin, ready to go to the...
by secforce | Dec 30, 2008
In a presentation at the Chaos Communication Congress (Berlin, 27-30 December 2008) Alexander Sotirov, Marc Stevens and Jacob Appelbaum revealed how a weakness in the MD5 hashing algorithm could be used to create a rogue certificate. Previous research showed the...
by secforce | Oct 30, 2008
There are no doubts that penetration testing is becoming mainstream now. It looks like business are eventually concerned about security. Compared to some years ago the number of companies requesting penetration tests has increased exponentially and therefore the...