Article Archive

Several people have asked for an IT Audit Program Template for an audit based on the ISO/IEC 27002:2005(E) security standard.  This template, which can be...

Part Two in a multi-part series on holistic, multi-disciplinary analysis and reversing. You can read part one of this series here. The last post, "Mutex Analysis:...

Part One in a multi-part series on holistic, multi-disciplinary analysis and reversing. This post is based on a presentation I gave at the last Thotcon, but...

In our ongoing series of interviews, this week Val Smith answered a few questions and pulled back the curtain a bit on the methods, tools and motivation for...

[highlight color="blue"]Interested in formal OWASP Top 10 Training? Check out our  OWASP Top 10 Training course OWASP Top 10 Training. [/highlight] Description:...

Information Technology Basics In its most basic form, information technology (IT), can be reduced down to IPO.  No that’s not an Initial Public Offering,...

In our ongoing series of interviews, this week Stefan Esser answered a few questions and pulled back the curtain a bit on the methods, tools and motivation...

One of the biggest problems that businesses and individuals face today is the cost of web application security. It is not uncommon in the UK, for example, to...

“IT Governance and Controls” or “IT Monitoring and Assurance Practices for Board and Senior Management” Take your choice of titles of this article,...

In very simple terms, Arachni is a tool that allows you to assess the security of web applications. In less simple terms, Arachni is a high-performance,...