PENETRATION TESTING
IBM: Unleashes X-Force Red. IBM Security has formed an elite team of security professionals and ethical hackers, dubbed IBM X-Force Red. The group is tasked to uncover vulnerabilities in computer networks, hardware and software applications, in a block-and-tackle move to get ahead of cybercriminals. The team also examines human security vulnerabilities in daily processes and procedures – social engineering opportunities or privileged access routes that attackers often use to circumvent security controls. Read the rest
[INFOSECURITY-MAGAZINE.COM]
SECURITY STRATEGY: The Evolution Of The Penetration Test. Toby Scott-Jackson, senior security consultant at SureCloud explores how penetration testing has changed – and how it must continue changing in the future. Find out more
[INFORMATIONSECURITYBUZZ.COM]
TOOL: Open Source Penetration Testing Toolkit. Sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections. Full support for MySQL, Oracle, PostgreSQL, Microsoft SQL Server, Microsoft Access, IBM DB2, SQLite, Firebird, Sybase, SAP MaxDB and HSQLDB database management systems. Read more
[SQLMAP.ORG]
Q&A: Tom Eston, Manager of Penetration Testing, Veracode. Tom Eston leads a team of highly skilled penetration testers. For the last several years, he’s co-hosted what is now known as the Shared Security Podcast – a usually monthly podcast that explores how technology affects the security and privacy of our personal lives and businesses. Eston talks about how companies can keep their data safe even if they can’t afford a big security budget. It turns out the best advice he could give is to stay vigilant. Read more
[CRAINSCLEVELAND.COM]
==========
NOW ON SLIDESHARE: Tech Update Summary from Blue Mountain Data Systems July 2016 http://www.slideshare.net/BMDS3416/tech-update-summary-from-blue-mountain-data-systems-july-2016.
IT SECURITY SUPPORT: Blue Mountain Data Systems is actively involved in implementing FISMA and NIST standards with Federal Civilian Agencies. Due to our extensive experience in this area, Blue Mountain has developed processes and organizational techniques to help ensure security deliverables are completed on time, and performed in the most efficient manner possible. We ensure that NIST-800-53 control requirements are treated consistently during definition, analysis, implementation, auditing, and reporting phases of a system. Find out more about Blue Mountain Data Systems IT Security Support Services. Call us at 703-502-3416.
BLUE MOUNTAIN DATA SYSTEMS HAS THE EXPERIENCE: 1994 to Present – U.S. Dept. of Labor, Employee Benefits Security Administration. Responsible to the Office of Technology and Information Systems for information systems architecture, planning, applications development, networking, administration and IT security, supporting the enforcement of Title I of the Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue Mountain is responsible for design, development and support for its various enforcement database management systems, as well as all case tracking and customer service inquiry systems. Blue Mountain also provides IT security services to the EBSA, in the form of FISMA Assessment and Authorization, System Security Plans, Risk and vulnerability assessments, monitoring and investigation support. Read more.
==========