Browsing Monthly Archive February 2012

Which Security Certification Should I Get?

When it comes to deciding what security certifications to pursue, IT professionals should understand that they will be better off career-wise if they ask—and then


InfoSec Book Excerpt: Security Metrics – Chapter 17

We like to read the latest and greatest security books, and sometimes the author and/or publisher is generous enough to share an extended with us –


Soft Skills: A Peek into the Mind of a Hiring Manager

As a recruiter, I often have the question posed to me in a variety of ways, “Exactly what is it that hiring managers want?” What

February 23, 2012 Other

It’s What’s on the Inside that Counts

The last time I checked, the majority of networking and security professionals were still human. We all know that the problem with humans is that

February 23, 2012 General Security

The Enderground: The Last Meeting – Chapter One

The sharp short sound of a black agent hibernating his Laptop’s OS echoed in the room. The box banged shut making the screen and the

February 22, 2012 Other

Minimizing Vulnerabilities in Applications – Part 1

When I communicate with programmers who are writing code for custom applications, I often wonder how carelessly they relate to the issue of safety

February 22, 2012 Application Security

How to Build a Secure RPC Interface for AJAX Apps With Google Web Toolkit

Why use GWT? Most modern web applications utilize an AJAX functionality of some sort to make them highly interactive and to have a user interface

February 21, 2012 Application Security

Circumventing NAT with UDP hole punching

A lot of networks use NAT (Network Address Translation) these days. This allows the systems on the same network to have a single global IP

February 21, 2012 Hacking

CSRF and XSS: A Lethal Combination – Part I

Introduction In the second installment of this series, we discussed one of the most prevalent attacks to applications: SQL Injection. The previous discussion introduced the

February 20, 2012 Application Security

Information Gathering Using Maltego

The first phase in security assessment is to focus on collecting as much information as possible about a target application. According to OWASP, information gathering

February 20, 2012 General Security

pcAnywhere Leaked Source Code – An Anonymous Review

The pcAnywhere source code leaked out onto the internet late January 2012 includes 47,021 files weighing in at 1.3GB. The October 2006 snapshot provides an

February 17, 2012 Exploit Development

Attack Surface Reduction – Chapter 4

This is Chapter 4 in Tom Olzak’s book, “Enterprise Security: A practitioner’s guide.” Chapter 3 is available here: Building the Foundation: Architecture Design – Chapter 3


Virtualization Security: Hacking VMware with VASTO

With the advancement of technology in the field of computers, the requirement for hybrid setups has also escalated. Nowadays every company is using a heterogeneous

February 16, 2012 Hacking, Virtualization Security

Extending Burp Suite

Introduction There are multiple intercepting proxy tools available and Burp Suite is one of the best tools available for interception. If you are not yet

February 15, 2012 Application Security

A New DNS Exploitation Technique: Ghost Domain Names

DNS is a naming system which converts human-readable domain names into computer-readable IP addresses. Whenever there is a query for a domain which

February 14, 2012 Hacking

How Can FireFox Plugins Help You?

I have a pet hate. This is something that really annoys me when I get a new laptop, which if you ask my girlfriend is

February 10, 2012 Application Security, Hacking

RootSmart Android Malware

Summary Android’s increasing popularity, combined with the possibility to create alternative markets, makes this platform a fertile ground for malware authors. While most of these

February 10, 2012 Reverse Engineering

Attacking the Phishers: An Autopsy on Compromised Phishing Websites

In this article we will cover the results of an informal investigation I performed into phishing websites. Rather than simply reviewing them externally as a

February 10, 2012 Hacking

iPhone Hacking! Penetration Testing for iPhone Applications – Part 1

This article focuses specifically on the techniques and tools that will help security professionals understand penetration testing methods for iPhone applications. It attempts to cover

February 09, 2012 Application Security

A Look at ARP

If one gets diseased then he must search for the cure which uproots the disease. Hence, prevention is no longer better than cure. -Rohit Kohli

February 08, 2012 Hacking
Copyright © 2012 - InfoSec Institute