Philosophy

Learn what vulnerability assessment is, why this IT systems evaluation process is important, what types exist, and how it relates to vulnerability management.

Continuous penetration testing beats periodic point-in-time pen tests. We present its benefits and how we overcome challenges to its implementation.

The types of penetration testing include external and internal network, wireless, IoT, mobile application and social engineering pentesting. Learn more here.

There is confusion around the differences between breach and attack simulation, penetration testing and red teaming. Read this blog post for a clear comparison.

Learn about what breach and attack simulation is, how it works, why we need it for security testing and its benefits for defending against advanced threats.

Discover what is usually seen as code quality, why we believe this concept should include security and some recommendations to develop high-quality code.

In this blog post, we present some differences between automated and manual code reviews and emphasize the latter and the procedures performed by the reviewers.

Check out some best practices for secure coding your developers can start applying and how our Secure Code Review can complement them.

We present some of the flaws of the traditional measure of cybersecurity risk and introduce CVSSF, the risk-exposure-based metric with which we overcome them.