Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Here's how External Attack Surface Management and Penetration Testing compare

“How does Detectify’s External Attack Surface Management platform compare to Penetration testing” or “What I’m really looking for is Penetration testing” are two statements we often hear when talking to prospects. We know that many of you are keen to understand how EASM compares with Penetration testing (Pen testing), so we’re exploring these two methodologies side-by-side.

Get the right pen test for your compliance

Over the past few years there’s been an explosion in demand for penetration testing services. What was once seen a service only needed by larger enterprises is now more affordable than ever and used by SMEs and startups. This increase in adoption is partly down to pen testing being an all-round useful cyber control, but it’s also driven by compliance.

Penetration Tests vs. Vulnerability Scans: What's the Difference?

Compliance with regulatory requirements works best when you understand the terms of art used in compliance and cybersecurity, such as the difference between penetration tests and vulnerability scans. You can perform many types of tests to assess the state of your data security, vulnerability scans and penetration tests being among the most important — but they are not the same thing, and they serve different purposes.

Does PCI DSS v4.0 Require a Pen Test?

PCI version 4.0 was released in March 2022, and all organizations that must be compliant with the regulation have a deadline of March 31, 2024 to do so. So, what does the new version say about pen testing? According to Requirement 11 of the Payment Card Industry Data Security Standard (PCI DSS), pen testing is required for organizations and entities that store, process, and/or transmit cardholder data.

What We Learned from the 2023 Pen Testing Report

Fortra’s Core Security recently released its 2023 Pen Testing Report, and there’s plenty to see. In this year’s report, IT decision-makers can learn what their peers are saying about why they pen test, how often they pen test, and whether or not they’re pen testing in-house, among other topics. Each year, Core Security collects and produces some of the industry’s most relevant data on the state of pen testing today.

Offensive Security and the Misconceptions Surrounding Enterprise Penetration Testing

The concept of Offensive Security is often misunderstood by clients who often confuse it with penetration testing, but these two solutions, while both vital, are in fact quite different. Offensive Security is a popular industry umbrella term for all things pertaining to an organization's strategy surrounding cybersecurity, whereas penetration testing is more singular involving security teams attempting to break into a client’s systems.

A Deep Dive into Penetration Testing of macOS Applications (Part 1)

As many of us know, there are a lot of guides and information on penetration testing applications on Windows and Linux. Unfortunately, a step-by-step guide doesn’t exist in the macOS domain to help us through the penetration testing process. This means we had to spend even more time searching the web and experimenting with different tools and techniques to find the most effective approach for our testing.

A Red Team's Perspective: How to Scope a Penetration Test

Penetration testing is a crucial part of a comprehensive cybersecurity plan. By simulating a real-world attack, a penetration test can help identify vulnerabilities and weaknesses across systems, networks, and applications before a malicious actor can exploit them. To get off on the right foot with a penetration test and get an accurate timeline and budget for the test, it’s important to have a proper scope. Learn how to scope a penetration test from the perspective of the Sedara Red Team.

iOS Application Penetration Testing Checklist [153 Test Cases in a Free Excel File]

Get Free iOS Application Penetration Testing Checklist Apple’s recent release of iOS 16 for the iPhone brings important new security features. Despite the inherent security features of iOS, additional measures, techniques, and guidelines can be employed to fortify the protection of user data and ensure privacy. Having previously covered the Android penetration testing checklist and security assessment, it is time to focus on iOS.