Collaborative Penetration Test & Vulnerability Management Platform: Faraday

Faraday introduces a new concept – IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distribution, indexation and analysis of the data generated during a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way. Designed for simplicity,…

October is Cybersecurity Awareness Month!

October is National Cyber Security Awareness Month which is an annual campaign to raise awareness about the importance of cybersecurity. The Internet touches almost all aspects of everyone’s daily life, whether we realize it or not. National Cyber Security Awareness Month (NCSAM) is designed to engage and educate public and private sector partners through events…

Security Operations Center (SOC) Vs Network Operations Center (NOC)

Work in cybersecurity field is full of surprises every day. In information security, just as on a football field, if you do not understand formations, play calling, and tendencies of your opponents, then you will not be able to understand the risks your organization is facing.

Python for penetration testers

If you are involved in vulnerability research, reverse engineering or penetration testing, I suggest to try out the Python programming language. It has a rich set of useful libraries and programs. This page lists some of them. Most of the listed tools are written in Python, others are just bindings for existing C libraries, i.e. they make those…

The four faces of the CISO

CISOs continue to serve the vital functions of managing security technologies (technologist) and protecting enterprise assets (guardian). At the same time, they are increasingly expected to focus more on setting security strategy (strategist) and advising business leaders on security’s importance (advisor). 

What Does a CISO Do?

A CISO is the executive-level manager who directs strategy, operations and the budget for the protection of the enterprise information assets and manages that program. The scope of responsibility will encompass communications, applications and infrastructure, including the policies and procedures which apply.