Tenable Nessus says that the are "the most widely deployed vulnerability scanner in the world". Truth be told I have not seen the data but I am always impressed when I use it as a stage-1 step in web application testing. It almost always gives me great leads to follow through stage-2 tools and manual testing.

What Is The Latest News on Nessus? Version 6 – See The Latest Features Of This Top Ranked Vulnerability Scanner!

The latest version, Nessus v6, enables you to reduce your attack surface by enforcing compliance and system hardening policies. Nessus users will more easily be able to create and customize compliance and security policies while also being able to manage scan results, schedules, and policies.

11 Signs You’ve Been Hacked

Redirected Net searches, unexpected installs, rogue mouse pointers: Here’s what to do when you’ve been 0wned

The 2015 Social Engineering Survival Guide

Often, it’s the goal of the social engineer to push an attack just one step further by obtaining a password, or even getting a name that can be dropped in a planned, deeper social engineering attack.

Do Not Forget – The Worlds Best IT Security Testing Framework, And Recently Updated: OWASP v4

The OWASP Testing Project has been in development for many years. The aim of the project is to help people understand the what, why, when, where, and how of testing web applications.

It seems like the storyline and endgame are increasingly repetitive when it comes to hacking.

The Massive Breach at Sony Pictures Has Raised Fears That Cyber Crime Is Outpacing Corporate Security

When it comes to security best practices, Is it not prevention versus detection? Proactive mitigation or mopping up after the fact? Proactive risk assessment or trying to come up with an excuse once valuable data/info has been stolen?

Therefore IT audits and internal penetration testing before someone else (who you do not know) “audits” or “pen-tests” or simply hacks your environment are crucial.

Another Definition Of Social Engineering | jockster@gmail.com

“Social engineering is a non-technical method of intrusion hackers use that relies heavily on human interaction and often involves tricking people into breaking normal security procedures.”

The Essence Of Social Engineering | Integral To Hacking | Manipulation | Persuasion | Coercion

You can simply call it a con-game or a confidence scheme but social engineering is integral to hacking into company assets. And this is where the “nerd” sphere disappears and we enter the mindset of people that may not have tip top technical skills.

At first glance audits and penetration testing may seem to be a drag on the momentum of a business's progress. This cannot be ignored - momentum is very important.

Why Do IT Audits and Internal Penetration Testing Work?

The bottom line is this. You want uptime, reputation, revenue and continuity of service. More and more there are nefarious individuals and groups bent on preventing this.

2015 NADA – Blizzard 2015: New England Buried, NYC Lifts Travel Ban. +7,700 flights cancelled.

Coastal New England was battered Tuesday by a blizzard of blinding snow, ferocious waves and winds that topped hurricane speed, and city streets in Boston were empty of all but snowplows.

Jock Pereira | Ethical Hacker | Social Engineer | Penetration Tester | Incident Handler

Ethical hacker, SQA engineer, penetration tester, pen-tester, social engineer, human nature expert.

Monthly Archives: January 2015

Do Not Forget – The Worlds Best IT Security Testing Framework, And Recently Updated: OWASP v4

The Massive Breach at Sony Pictures Has Raised Fears That Cyber Crime Is Outpacing Corporate Security

Why Do IT Audits and Internal Penetration Testing Work?

2015 NADA – Blizzard 2015: New England Buried, NYC Lifts Travel Ban. +7,700 flights cancelled.