Author Archives: Vaadata Author

Introduction to Burp, the Dedicated Tool to Web Platforms Security

Introduction to Burp Suite - Proxy, Scanner, Intruder and Repeater

Burp, by information security professionals, is often said to be our best friend. Burp doesn’t ring a bell? It is a software dedicated to web security audits, used by a majority of information security professionals. First, we will present you the software Burp and four fundamental modules. For those already familiar with the tool, a second more technical article details some functionalities and extensions to gain efficiency.

Continue reading

Bluetooth Low Energy & Security of Connected Devices

Alternative to classic Bluetooth, Bluetooth Low Energy is chosen increasingly for the IoT. This technology, also known as the abbreviation BLE, is establishing itself for connected devices, as it is ideal to send small amounts of data between devices and to preserve the battery; which matches the IoT’s needs perfectly. Classic Bluetooth, on its side, is used to send large amounts of data between a device and a user (wireless headphones and speakers are using Bluetooth for example).

BLE and security

While these two Bluetooth protocols are used for different purposes and are not compatible, they are nevertheless to some extent similar, as they have common technologies (software and hardware), such as the one managing pairing. Thus, security manager has to keep in mind that security breaches that impact classic Bluetooth affect sometimes Bluetooth Low Energy too; however, the latter has its own features and therefore its specific flaws.

Continue reading

Vaadata is accredited as CREST penetration testing company!

We are happy and proud to share with you that we are now officially a CREST accredited company for penetration testing.

Vaadata is accredited as CREST penetration testing company

This accreditation demonstrates our commitment to offer high level of professional penetration testing services. It certifies that Vaadata respects appropriate processes and procedures for conducting penetration testing and for the protection of its client information.

Continue reading