Team Pentesting – The Unspoken Reality of Career Ethical Hacking

As a professional penetration tester, there’s one thing that rarely if ever gets discussed. Is it that the common image of a hacker, the lone wolf pounding away on a keyboard in a dark room only taking breaks for caffeine and cold pizza and, of …

Cyber Security FUD – Fear and the Growth of the InfoSec Industry

How many times have you read marketing propaganda for information security products that includes slogans that sound like the following?

“Find out what’s lurking inside your system.”[1]
“With network security, if you’re n…

False Positives: Why Vendors Should Lower Their Rates and How We Achieved the Best Results

In pursuit of a high cyberthreat detection rate, some developers of cybersecurity solutions neglect the subject of false positives, and unfairly so. Regretfully, only then does the idea dawn on these developers that high-quality protection from cyberthreats involves not only prevention but also a low false-positive rate.

The security is still secure

Recently WikiLeaks published a report that, among other things, claims to disclose tools and tactics employed by a state-sponsored organization to break into users’ computers and circumvent installed security solutions. The list of compromised security products includes dozens of vendors and relates to the whole cybersecurity industry.

Lost in Translation, or the Peculiarities of Cybersecurity Tests

AV-Comparatives simultaneously conducted two tests of cybersecurity products using one and the same methodology. What’s the difference between them, and how do you read the reports to spot manipulation of figures and recognize biased ‘next-gen’ marketing rhetoric?
