websec

Challenges in Scoring Application Security Test Findings

A simplified description of application security testing (or penetration testing) is a task that involves identifying application vulnerabilities and reporting how they were identified such that they can be replicated and ultimately remediated. I would like to complicate (refine) this definition to discuss two very important missing components: The distinction between vulnerabilities and weaknesses is …

Getting Started in Web Application Penetration Testing

As the complexity and diversity of our connected systems expand, the need for specialized offensive security skills is increasing. In particular, specialization in application security has been forecast to drive the growth in penetration testing services. Combined with the allure that comes with breaking into systems as a career, it’s no surprise there are many …
