
PenTest Regular 02/2012

January 31, 2012



Tool Jockeys in Disguise: Defeating the Push Button Penetration Testers
by Wardell Motley

What drives your search for a penetration tester? Was it a recent security breach, a compliance requirement, or maybe just a conversation over a round of golf with someone who recently underwent an assessment? No matter what the reason, you will need someone who is not only competent and familiar with the latest threats and technologies, but who can also associate the vulnerabilities you may have with the business risk to your organization.

Penetration Testing Strategy: Beyond Discrete Vulnerabilities
by Shohn Trojacek

Who really cares about a Penetration Test? It can be reasonably determined that by virtue of reading an article such as this, the reader already cares, to some degree, about a penetration test. However, the reader is undoubtedly aware that many outside the field of IT Security, and ostensibly in the business world, may not care.

Adopting Secure Software Development Processes
by Michel Chamberland

If you could tell your customers that you can help them secure their custom built software, significantly reduce the number of bugs and save them money in the process, do you think they would heed your advice?

Use and Abuse of Cryptographic Hashes
by Tor E. Bjørstad

Some of the most devastating security flaws appear when there is a logical error in the deployment or use of a security component. Cryptographic hash functions are among the most widely used security algorithms, yet they are often poorly understood by developers and security practitioners alike. The devil is in the details, and when it comes to custom cryptographic mechanisms, it is deceptively simple to take a wrong step.

Choosing a Safe Password
by Bartłomej Wypych

Passwords have become an integral part of our computer lives, to the point where we no longer pay any special attention to using them. Every day we use one to log on to a computer, access a social network account or a discussion board, check e-mails and pay bills. All this in the comfort of our homes. We tend to forget that passwords are used to verify the identity of a person trying to access something. For any of the aforementioned purposes, passwords are applied to ensure that the person trying to gain access is the person they claim to be and is granted access to the stored data.

Virtualization: Pills and Other Threats
by Dariusz Wierzbicki

Virtualization, in addition to its many advantages, also raises security issues. Virtual environments are very different from physical ones and require a different approach to security matters. Administrators are often unaware of the safety issues specific to virtual environments, or realize the dangers only after deployment.

Session log-in-out
by Jatin Jain

Web applications are not able to recognize whether a request is somehow related to previous requests. Session management is the technique used by web developers to make the stateless HTTP protocol support session state.

How is Second Becoming First?
by Aleksandar Bratic

Very often IT personnel, in an attempt to protect their applications, forget to secure layer 2 and rely too much on anti-virus and firewall solutions. The main problem is that when layer 2 is compromised, the upper layers are not aware of the problem, so every upper-layer protection is useless.

Review of Christopher Hadnagy’s Social Engineering: The Art of Human Hacking
by A Rao

Social Engineering is not a technical book, at least not in the traditional sense. You will not see extensive discussion about ports, firewalls or encryption. If you were hoping for any of those topics, then you are in for a disappointment. This book is about human hacking, again not in the traditional sense. At the end of the day, security boils down to humans. Humans are vulnerable and no technology is secure if it is protected by people who can be deceived.

Interview with Raymond Friedman
by A Rao

Raymond Friedman is the CEO and President of mile2 and has been in the IT security space since 2002. While in this industry, he has been actively engaged in consulting for global financial and government institutions, performing security audits, penetration tests and digital forensics services. During his tenure at mile2, Raymond has spearheaded the development of the present series of mile2 certifications, which have become globally recognized by the military worldwide. Presently, Raymond carries several certifications and advanced degrees: the Master of Science in Accounting, Forensics & Controllership, the Certified Information Systems Security Officer, Certified Penetration Testing Engineer, and Certified Digital Forensics Examiner.
