Top Mistakes CISOs Make When it Comes to Penetration Testing
In this blog, we are going to look into a few of the top mistakes CISOs make when it comes to penetration testing and how your organization can avoid them.
Penetration Test
Building An Advanced Password Cracking Machine
Earlier this year, Triaxiom was set on building a new password cracking machine which would be a more advanced iteration than its predecessor, Thor. Simply put, a password cracking machine is a powerful computer which can run through billions of password guesses per second. This leads us to our new project – Loki. Overview: While […]
5 Myths of Penetration Tests
In the world of penetration testing, there are a lot of myths and misnomers surrounding the types of penetration tests, how penetration tests are conducted, etc. Today, we look to debunk 5 common myths of penetration tests and help you maximize the value from your next penetration test. Common Myths of Penetration Tests “We guarantee […]
Tips for Selecting a Penetration Testing Provider
When it comes to selecting a penetration testing provider, there are a lot of different points that need to be taken into account. What type of penetration test are you looking for? What is driving the need for a penetration test? Today we will explore some tips to help you in your penetration testing provider […]
What is the Penetration Testing Execution Standard?
The Penetration Testing Execution Standard or “PTES” is a standard consisting of 7 stages covering every key part of a penetration test. The standard was originally invented by information security experts in order to form a baseline as to what is required for an effective penetration test. While this methodology is fairly dated and has […]
What’s The Difference Between a Gap Analysis and a Penetration Test?
There are a variety of ways to test the maturity of your security program, including a gap analysis and a penetration test. However, it can be overwhelming to hear about these different types of security assessments and try to make an informed decision about what is right for your organization and your budget. The different […]
What is a VAPT?
Recently, we were asked by a client what VAPT meant. VAPT is an acronym for Vulnerability Assessment and Penetration Testing. This is a broad term which can refer to many different types of security testing, so we’ll dig a bit deeper into different services that could be referred to as VAPT, with the goal of […]
What is Involved in a Penetration Test?
Penetration testing, or pen testing, is essentially hiring a security expert to ethically hack into your organization’s network and tell you what vulnerabilities exist, how an attacker may use them against you, and what the level of risk associated with those vulnerabilities is. Penetration test is commonly shortened to pen test, and the two can […]
Rationalizing a Penetration Test to Senior Leaders
We get it. It can be tough to sell or rationalize a penetration test or one-time security service to senior management that may not be aware of the importance of security for your organization. You are constantly peppered with questions like “can’t we spend our security budget on a blinky box that will protect our […]
Is There Such Thing as an Automated Penetration Test?
We get asked more than one would think about the ability to run an “automated penetration test”. Today, we discuss what can be automated vs. what can not be automated and what you should consider before subscribing for automated penetration testing. What is an “automated penetration test”? We have seen plenty of companies touting automated […]