Performing code reviews to PCI requirements
We were asked by a customer about performing code review based on the PCI requirements. The questions they asked were: Is there a checklist that exists that covers all of the PCI requirements? Are...
Firesheep – What About Your App?
FireSheep, at this point, is somewhat old news; even when FireSheep was released, the issue it exploits “under the hood” has been old news for a number of years. If you haven’t heard of it yet,...
The Vulnerability Disappearing (and Reappearing) Act
As vulnerability assessments continue from quarter to quarter, some vulnerabilities seem to appear, disappear, and reappear again. Some appear that were never seen before, despite the fact the affected...
The value of multi-layer / comprehensive pen testing
For the past five years it seems like almost everything in information security has focused on application security and, for the NetSPI consulting practices, our application security business (app pen...