AppSec Europe 2017

Hands-On Web Exploitation with Python

Michael Born

March 30, 2017 - Posted by Michael Born to Security Insight

Back in 2015, a colleague and friend asked if I would be interested in teaching a training class with him at OWASP AppSec USA. After carefully considering, I agreed. It’s a good thing, because he had already submitted the class to the call for trainings before asking me.

Fast forward a bit and we’re now gearing up to teach our third version of the class. What started out as a one-day training session has turned into a three-day course. Based on the feedback we have received over the previous years, my colleague and I have tweaked the class in an attempt to provide a class for all levels of programmers, from beginners who may be new to Python to veteran programmers.

Much like our first class, I have taken the time to develop a new vulnerable virtual machine for the test lab. This time around, I applied several lessons I learned along the way. The primary change to the virtual machine is that I made it quite a bit more simplistic. I did this because I... read more >

Public Vulnerability Disclosure

How long is too long?

Michael Born

March 09, 2017 - Posted by Michael Born to Security Insight

File Analysis

There has been a lot of chatter on social media lately surrounding the topic of public vulnerability disclosure. Doing a quick Google search, I found a ton of resources, discussions and blog posts available, covering different ways to properly disclose a vulnerability. Several are listed below:

  1. http://www.cert.org/vulnerability-analysis/vul-disclosure.cfm
  2. https://www.dhs.gov/xlibrary/assets/vdwgreport.pdf
  3. http://www.ccssforum.org/disclosure-guidelines.php
  4. ...
read more >

Social Engineering War Story

#WarStoryWednesday: Quick and Dirty Social Engineering

Michael Born

January 11, 2017 - Posted by Michael Born to Security Insight

On-site Social Engineering Assessment

Every now and then, I work on the assessments that normally Brent White and Tim Roberts blog about. When I’m privileged to get such an assignment, I typically create unnecessary pressure on myself in an effort to compete with the likes of my aforementioned teammates and their overwhelming success on Social Engineering Assessments. I find myself feeding off the pressure and nervous energy, turning it into excitement and focus. By drawing on my past experiences in the Broadcast Television industry, I convince myself that this will only help me succeed on such a project. Then, when I get word of the increased challenge level, whether due to the small size of the company being assessed, a shared work environment or building, or armed guards present, I actually find myself... read more >

Developing a Strong Application Security Program: Part 2

The Agile Movement

Michael Born

September 29, 2016 - Posted by Michael Born to Security Insight

In my previous blog, Developing a Strong Application Security Program: Part 1, I looked at aspects of a successful application security program as it pertains to a more traditional waterfall Software Development Life Cycle (SDLC). In part two of this series, I’ll focus more on an agile-based SDLC and options for implementing a successful application security program.

Let’s briefly describe some of the differences between a traditional waterfall SDLC and agile SDLC. In a waterfall SDLC, there are clear project objectives through each phase of development. Typically, each project consists of several phases: planning, design, coding, and finally testing. Security teams are injected into the phases and should have sign-off authority on each phase before the project continues to the next. I detailed security’s role in this... read more >

Hacking Time Management For Penetration Assessments

#WarStoryWednesday: so many hosts, so little time

Michael Born

September 07, 2016 - Posted by Michael Born to Security Insight

Time Management

Every now and then, while performing a penetration assessment, we’ll get a large set of hosts considered in scope. This is often a nice change of pace from the compliance-based penetration assessment where the scope is smaller and more focused on the Cardholder Data Environment (CDE). With the larger scope, we can come a bit closer to simulating an actual attacker from the perspective of the internal network. I say closer because as security consultants we are still limited by time, often only having a week to perform an assessment. If the scope is big enough, we will typically send two or more consultants. This blog will detail just one of those assessments and will hopefully give insight into effective time management for large scopes that offer more than one method of compromise.

Background

Let me set up the scenario a bit. My co-worker Adam Steffes and I were tasked with performing an assessment with... read more >

1 | 2 | 3 | 4 | 5 | Older Entries >>

Voted one of the Best Computer Security Blogs 2016
NTT Security (US), Inc. (formerly Solutionary) is a security consulting and managed security services provider. The NTT Security blog is a place for IT professionals to both learn and talk about the latest in IT security and compliance.

Get the NTT Security Blog delivered to your inbox!

Enter your Email:

(We will not share your email or use it for anything else.)

LATEST TWEETS