Archive for the 'InfoSec' Category

PenTest Straw Poll

July 25th, 2008 | Category: InfoSec

Which Penetration Testing Qualification is best from a client perspective:

No comments

Linux Defence Tweaks

July 06th, 2008 | Category: InfoSec

If you're planning on using Linux in a hostile environment, i.e. the Internet! then it's worth thinking about some simple little tweaks to the TCP/IP stack in conjunction with some funky firewall madness to keep your box your own, and not end up “owned” too quickly! Let's start with the TCP/IP stack. There are a [...]

No comments

Free Security for All!

July 05th, 2008 | Category: InfoSec

It's time for a small reality check. Security does not have to cost the earth. Just because you're a large corporate with over 1000 employees doesn’t mean you “have” to buy brand name security. In fact, I would argue quite the opposite, invest that money in some quality people, treat them well, and get [...]

No comments

Do Credentials equal Credibility?

July 05th, 2008 | Category: InfoSec

This is a debate I regularly get into with my team. Personally, I think that yes, credentials can bring credibility with an audience, or with a prospective employer. Let's look at how this works: C|EH (Certified Ethical Hacker). Anyone who has been in that area of work for a number of years will state that [...]

No comments

Snort Rocks!

July 02nd, 2008 | Category: InfoSec

OK, it's been ages since I actually had Snort up and running, so long in fact that the last time I used it, ACID was still the best way to deal with the alerts! Well after a couple of days (well a couple of hours here and there at least) I have a fully functional [...]

2 comments

How Security Should Work

July 01st, 2008 | Category: InfoSec

I work in a world of standards, opinions, controls and countermeasures, all encompassed in a foreign language of “InfoSec” and “ItSec”. This of course, while entertaining, is of little use to the world. I would like to propose a simple concept, probably high level, and I am sure my peers would argue is “inadequate”, that [...]

No comments

PCI-DSS Is it dead?

July 01st, 2008 | Category: InfoSec

First of all, legislation doesn’t die, it just becomes BAU. PCI is still a pain for most, but as a race, we humans are fickle creatures who like our topics and news to be current, so the latest and greatest will always be at the top of the agenda.

No comments