Tiers of Penetration Testing Maturity

2013-08-29 21:09:08 by chort

Today Dave Aitel (presumably in response to a certain company announcing their "0day pentesting partnership") decided to dredge up an old post from Haroon Meer related to 0days and penetration testing. The basic point by Haroon was, what exactly is this testing? The conversation on Twitter brought up some good points, which prompted me to write a longer analysis of why I think most pentesting is a total waste of time.

Read the rest of this story...

Belittling Opponents Belies Reasoned Debate

2013-08-24 15:32:55 by chort

Thus far I've avoided blogging about the US domestic surveillance scandal. Most of my opinions have been advanced by others, so restating them here would serve little use. However, today an aspect of the debate struck me that I think deserves closer examination

Read the rest of this story...