Gone are the days when organizations used to run and scale their offline businesses at three-toed sloth’s speed. The inception of the Internet turned into a really pervasive and groundbreaking force in our life, with millions of Websites serving billions of web pages to people on a daily basis. Through various advancements, web and SaaS applications have become intelligent, dynamic and asynchronous.
Often, penetration testing (or pen testing) and vulnerability scanning are used interchangeably. In doing so, the importance of each method of testing gets lost in the confusion. Both of these are significant in protecting your data and infrastructure for different reasons. In the age of digitally storing information and companies having an online network presence, it’s easy for hackers to find their way in. This is why both pen testing and vulnerability scanning are important.
Our team of penetration testers arguably have the most interesting and exciting roles within the business, or perhaps, in the world. From robbing banks to breaking and entering, pen testing isn’t your typical desk job. So we’ve asked them to share some of their most interesting stories to really give you career envy! Let’s see what we can find out about a day in the life of a pen tester.
You finally have some budget to buy tools for your application security (AppSec) program! GREAT! Purchasing the correct tools for your AppSec pogram can be overwhelming. Even when looking only at point solutions, there still may be some confusion on the value that various tools can provide. Sometimes you'll find the perfect tool, but others may offer you a similar tool with added manual penetration testing (MPT) as part of the overall bundle. That seems like a great idea for the budget.
Understanding your organization’s cybersecurity posture is becoming more important every day. So how do you know how secure your IT infrastructure really is? One way to get a glimpse into your organization’s security is penetration testing: pretending (or hiring someone to pretend) to be a hacker, attempting to infiltrate your organization’s physical and cyber systems however possible.
No company is free from risks and vulnerabilities. No matter how robust the digital infrastructure or how strict the cybersecurity measures are, some level of residual risk will always remain. That’s why many organizations include penetration testing in their risk assessment and security program.
During a recent client engagement, the DGC penetration testing team identified a previously unknown vulnerability affecting the Autodesk Licensing Service, a software component bundled with nearly all licensed Autodesk products. The vulnerability exists in a software component common to most Autodesk products and impacts nearly all organizations using licensed Autodesk software in any capacity.
Technology has shaped the world magnificently and has become a driving force for businesses and organisations. From academia to big enterprises, everyone is enjoying the perks of technological advancement in the form of applications, IoT devices, online shopping and businesses, portals, etc. including amateur to non-technical people, everyone now utilises some form of a networked-enabled communication system such as email, social media, etc.
IoT devices are ubiquitous in our daily lives—whether it’s at home with connected home automation devices, or at work with connected factories, hospitals, and even connected cars. According to Gartner, there were over 20 billion IoT devices in 2020. As businesses globally over the past decade have transformed their processes with more embedded IoT-driven intelligence, these billions of connected devices have also become a soft target for cyber criminals.
