Black Hat, Defcon, the basics
So we are finally approaching the BH/Defcon weeks, when all the new stuff is presented to the security world and the sky starts to fall once more. I'm not going to Vegas this year (I'd love to), but as I came back to work on vulnerability assessments and penetration testing, I noticed the main issue is still linked to the basics.

There is so much low-hanging fruit that someone who is completely unaware of vulnerabilities and attack techniques from the past 5 years will still be able to do a lot of bad stuff on a 'vanilla' corporate network.

Ask yourself these 5 questions. If you can't say yes to all of them, don't sign the check for that new-miracle-black-box you are buying and do your homework to fix the basics: