Top 5 open-source tools for network vulnerability scanning

Organizations conduct vulnerability assessments for their networks to identify the existing vulnerabilities, weaknesses, and loopholes. The results of such an assessment can help a network administrator in understanding the security posture of their network and implement defensive measures against potential threats and vulnerabilities. So often, vulnerability assessments involve a network vulnerability scanner tool which can … Continued

DevOps best practices for vulnerability scanning

Considering the market dynamics and increasing competition in various industry segments, organizations seek to minimize their applications’ time-to-market. Companies adopt DevOps principles for improving the delivery speed and enhancing the agility in their workflows. While DevOps is not a new concept, it focusses on collaboration between development and operations within an organization. Due to this … Continued

Penetration Testing and Vulnerability Scanning Controls for ISO 27001

Penetration testing has become a necessity for modern-day enterprises. An organization has to remain proactive in finding & fixing vulnerabilities in its systems before the attackers do. In addition to this, more and more laws and regulations now require organizations to implement reasonable security practices to maintain confidentiality, integrity, and availability of their data. While … Continued

Penetration Testing for ISO 27001 Control A.12.6.1

Out of all the security standards that have been prescribed by various bodies and organizations so far, ISO 27001:2013 has been the most popular one – without any doubt. Containing ten clauses and 114 controls, this standard has also served as a stepping stone for many organizations to improvise their information security policies and procedures. In this … Continued

Penetration Testing and Vulnerability Scanning for PCI DSS

Irrespective of the industry, penetration testing and vulnerability scanning exercises help businesses a great deal when it comes to the security of their technical infrastructure. For businesses processing sensitive data such as credit card data, such practices have more relevance than ever. The foundation for this article was laid by one of our previous articles where … Continued

PCI Penetration Testing

The first version of the PCI DSS standard was released in 2004 for laying down the minimum security requirements when it comes to handling and managing customers’ card information. Over the years, different versions have been introduced, and at present, version 3.2.1 is the latest version released in May 2018. In this article, we will discuss the role of penetration testing … Continued