Security and HTTPS Certificate Validity Currently, since March 2018, SSL/TLS certificates (more commonly called HTTPS certificates) can have a maximum lifetime of 825 days. But in March 2020,... 23.06 Applications
IT Security Audit: What You Need to Know There are several types of IT security audits: organizational audits, technical audits and penetration testing. All these variants are comp... 27.05 Applications
How to Securely Store Passwords in Database? Storing passwords securely is a recurring concern. But what are the main methods, how do they work, and what are they worth against current password cr... 25.05 Applications
Penetration Testing: Approach, Methodology, Types of Tests and Rates Cybersecurity Issues for Businesses in 2020 The current trend is to strengthen the security requirements for customers, partners and investors. Securi... 12.05 Applications
Doing a Pentest for Less Than €1,500 Conducting a security audit has a cost. When companies are asked about the budget they devoted to it, we often hear “between €10k and €20k”, ... 28.04 Applications
How to Know Your Attack Surface (And to Reduce it) Abraham Lincoln (repeating a woodsman) would have answered the question: what would you do if you had just six hours to chop down a tree? I would spen... 12.03 Applications
Should You Perform a Pentest On a Production Environment? Once you have decided to go for a penetration test, you may wonder if it should target your production environment. Depending on the risks, it can be ... 25.02 Applications
White paper: Security of IoT Wireless Technologies 25 pages to know the existing and exploitable vulnerabilities on these technologies, as well as the means to counter or reduce the risks. 05.02 IoT
Logging & Monitoring: definitions and best practices The OWASP Top 10 2017 introduces the risk of insufficient logging and monitoring. Indeed, inherent problems in this practice are often underestimated ... 21.01 Applications
Certificate and Public Key Pinning Introduction to Public Key Certificate A digital certificate is a data file that allows, on the one hand, the non-repudiation and the integrity of data... 10.12 Applications
How to optimise your use of Metasploit The Metasploit framework is an open source tool, allowing searching, analysing and exploiting vulnerabilities. It has many modules and tools that can ... 19.11 Applications
Should you do a demonstration of your solution to pentesters before a penetration test? Before starting a penetration test (pentest), should you present your product or solution to pentesters? It all depends on your situation and on your ... 05.11 Applications