You can't secure what you don't acknowledge.SM

Wednesday, June 4, 2014

More Web security vulnerability assessment, audit, and pen testing resources

I've been busy in the world of Web security testing - both with work and with writing. Check out these new pieces on the subject. I suspect I'll tick off a "researcher" or two given my business angle and 80/20 Rule-approach of focusing on the most problematic areas of Web security...Still, I hope that these are beneficial to you and what you're trying to accomplish in your organization:

Key Web application security metrics

Taking politics out of the Web security equation

Getting back to basics with Web security

Core causes of Web security risks and what you can do about them

Security Considerations When Using AWS Cloud Services

The Big Security Oversight When Using Amazon Web Services
Don't forget to check out all of my other information security content at www.principlelogic.com/resources. - See more at: http://securityonwheels.blogspot.com/#sthash.hRUYP9DQ.dpuf
Don't forget to check out all of my other information security content at www.principlelogic.com/resources. - See more at: http://securityonwheels.blogspot.com/#sthash.hRUYP9DQ.dpuf

By the way, with the continued banter/debate around vulnerability assessments v. audits. v. pen tests, here's my two cents on the subject:
Is it a pen test, an audit, or a vulnerability assessment?

Don't forget to check out all of my other information security content at www.principlelogic.com/resources

No comments:

Post a Comment