Active subscribers – to download this issue click on the cover of the magazine on the main website or scroll down this page and click the Download button
Single issue buyers – after paying for this issue click “PenTest Market 02/2012″ (which will show just above that text)to download your copy of the magazine
Interview with Victor Mehai Christiansenn
by Aby Rao
Pen test market has grown a lot during the last few years and the good news is that this increase is not going to stop as there will always be a new vulnerability and and the remmedy for it is required instantly. So we always to keep finding new possible loopholes and the customers and end users do understand the need Pen-Testing as it’s a proactive way of finding what might be coming to them in the future and they do want stay prepared and prevent it on it. There is nothing better than Pen Testing and it just going to increase more and more in the coming time.
Walk Trough the Penetration Testing Fundamentals
by Pierluigi Paganini
The figure of the pen tester is a critical figure, he must think like an hacker paid to break our infrastructures and access to the sensible information we possess, for this reason the choice of reliable and professional experts is crucial. The risk to engaging the wrong professionals is high and it is also happened in the history that companies have wrongly hires hackers revealed in the time cyber criminals. The information is power, is money and the concept of “trust” is a fundamental for this kind of analysis.
Interview with Michael Brozzetti
by Aby Rao
IT security professionals can make excellent candidates for IT auditors because it’s like looking through the other end of the lends. IT Auditors are independent of operations, so an IT security professional transitioning has the practical experience to know where vulnerabilities might exist or where operations personnel might be prone to taking “short-cuts.” This operational experience can certainly help them make sound recommendations for organizational improvement if they decide a transition into IT Auditing.
Interview with Mehmet Cuneyt Uvey
by Jeff Weaver
The profession of Auditing is one of the oldest ones in human history. There are many different types (Financial, Quality, Operational, Health and Safety, etc.) and levels of auditing. The first requirement for the auditors is to know the business that they are auditing. Risk assessment know-how is a must. Auditors need more Technical skills, understand Project Management and should also spend time for learning the SDLC (Systems Development Life Cycle) for the relevant business processes so that they can look underneath the numbers (business results), but also to the systems and processes that create those numbers.
Interview with Lukas Ruf
by Aby Rao
As a security consultant supporting customers internationally, EU faces exactly the same problems like any other regions. In general, however, the EU is positioned better to counteract attacks effectively than other due to a good level of education and, hence, awareness of threats and daily mitigation measures.
by Ian Moyse
Cloud computing is a new concept of delivering computing resources, not a new technology. Services ranging from full business applications, security, data storage and processing through to Platforms as a Service (PaaS) are now available instantly in an on-demand commercial model. In this time of belt-tightening, this new economic model for computing is achieving rapid interest and adoption.
Have you M.E.T?
Due to the large gray area in the field of software security, it is very difficult to spot a good penetration tester. Add to it the “ethical” baggage, and things get even more murkier. Based on experience, the author discusses the elements that make a successful penetration tester. Hopefully, these ideas shall help your organization in making a well-informed choice.
Interview with Joe Hillis
by Aby Rao
Disaster Recovery is a subjective area; typically viewed differently by technology professionals and business leaders. The “best” method is generally driven by a business’s operational needs and budget, but involves the common underlying process of making systems and data available after a catastrophic event. For some, it simply means having access to data files within 3 days; while others may require continuous access to systems and data, regardless of the event.
Interview with Jay McBain
by Aby Rao
Building a personal brand is key in today’s “flat” world. Social media is one of the tools that blend with a more physical presence through local communities, charities, industry events, associations and peer groups. Social media can build large, targeted virtual peer networks and has an ability to amplify thought leadership more than any medium in the past.
Interview with Raj Goel
by Aby Rao
At a very high level, CEOs and CFOs are primarily concerned with lowering costs, increasing revenues. IT security doesn’t really matter to them – I’m met very few CEOs or CFOs who actively seek out IT compliance or IT audit services. If they could avoid them, they would – with the exception of Sarbanes-Oxley (SOX) compliance – that’s the only regulation that captured their attention and budgets.
10 Ways to Enhance Your Career in Information Security
by Aby Rao
At first glance, this may look like one of those self-help articles promising that your life will turn around 360 degrees if you follow the advice offered. Sadly, I am making no such promises. It could very well be 30 or 50 ways to enhance your career, but I have limited it to 10, based on my personal experiences. This article is primarily targeted towards people who are at entry-level positions, or are making a switch to IT Security from a different field of work. Experienced professionals shouldn’t have a problem running through the list fairly quickly.
- Register, accept the Disclaimer and choose subscription option.
By choosing the Free Account option you will only be able to download the teaser of each issue.
- Verify your account using the verification link sent to your email address.
- Check the password sent on your email address and use it to log in.
- Click the download button to get the issue.
IMPORTANT: the registration on the website includes subscription to our newsletter.