From the Fall 2023 Issue

How to Schedule a Pen Test

Author(s):

Paul Kubler, Red Team Lead, CYBRI

A frequent occurrence in the cybersecurity world is having to scramble at the end of the year, between holidays, to get the compliance-required pen test done. After all, it was probably conducted at the same time last year for the same reasons. This leads to an already overburdened staff dealing with the common holiday … Read more

From the Summer 2023 Issue

The Role of Threat Modeling in Penetration Testing

Author(s):

Andrew Obadiaru, CISO, Cobalt

As cybercriminals access increasingly sophisticated tools and techniques, organizations must develop comprehensive security frameworks and risk mitigation strategies. However, many modern defense strategies are still built on a reactive response to threats rather than a proactive approach that identifies potential risks before they become a problem. Threat modeling has emerged as a way to proactively … Read more

From the Spring 2023 Issue

Ransomware Prevention by Pen Testing

Author(s):

Paul Kubler, Red Team Lead, CYBRI

Ransomware continues to be a major problem for organizations and costs them a significant amount of money and time to remediate. Even if a company has the best external IT security in place, a single email attachment can lead to a breach. More and more organizations are learning from this and testing their environment by … Read more

From the Winter 2022 Issue

What is PtaaS?

Author(s):

Caroline Wong, Chief Strategy Officer, Cobalt

Ransomware and other digital attacks continue to grow in frequency for companies around the world. With this, demand for cybersecurity services continues to grow as well. Services high in demand include professional services, pentesting, managed detection response, and more. It is, therefore, crucial to understand the innovation currently taking place in the cybersecurity sector. These … Read more

From the Winter 2021 Issue

Learning to Speak DevSecOps: Aligning Pentesting to Development Workflows

Author(s):

Caroline Wong, Chief Strategy Officer, Cobalt

To stay competitive in the new “Age of Agile”, many DevOps teams are pushing new code releases more frequently than ever before. In fact, according to Statista, 27% of organizations release software on a daily basis and 24% release software weekly. The problem, however, is that in these scenarios, security, particularly pentesting, ceases to fit into … Read more

Bug Bounty – 10 Things You Should Know

Author(s):

Joy Akurienne Coker, Attorney Editor, Thomson Reuters

Bug Bounty has become a buzz phrase lately. With unprecedented cyber breaches and attacks, it’s no surprise that many companies and institutions are turning to bug bounty programs. What is Bug Bounty? According to AT&T Cybersecurity, creator of Open Threat Exchange, the largest crowdsourced computer security platform, “Bug Bounty programs allow white-hat hackers and security … Read more

From the Winter 2021 Issue

The Next Generation of Pentesting

Author(s):

Paul Kubler, Red Team Lead, CYBRI

Pentesting is an ever-evolving field, just like all fields in technology. Traditional pentesting revolved around networks and endpoints, the old basis for technology infrastructure in a company. Now, as COVID-19 pushed technology to change even faster in many companies, pentesting must adapt. In the last few years, cloud, mobile, and application pentesting have begun to … Read more

From the Winter 2021 Issue

Automated Pentesting – Can it Replace Humans?

Author(s):

Alex Haynes, CISO, IBS Software

In the past few years, automation in many spheres of cybersecurity has increased dramatically. However, pentesting remains stubbornly immune to this. While crowdsourced security has evolved as an alternative to pentesting in the past 10 years, it’s not based on automation. Rather, the alternative simply throws more humans at a problem and in the process, … Read more