Philosophy

Entries where we describe security best practices and approaches, tackling basic, as well as trending, cybersecurity concepts.

Photo by Saketh Upadhya on Unsplash

February 1, 2023

Felipe Ruiz


Get an overview of vulnerability assessment

Learn what vulnerability assessment is, why this IT systems evaluation process is important, what types exist, and how it relates to vulnerability management.

Photo by Anchor Lee on Unsplash

January 23, 2023

Jason Chavarría


Benefits of continuous over point-in-time pentesting

Continuous penetration testing beats periodic point-in-time pen tests. We present its benefits and how we overcome challenges to its implementation.

Photo by Thomas Griggs on Unsplash

January 17, 2023

Jason Chavarría


Pentesting is a system-agnostic approach to security

The types of penetration testing include external and internal network, wireless, IoT, mobile application and social engineering pentesting. Learn more here.

Photo by Dmitry Ratushny on Unsplash

January 5, 2023

Jason Chavarría


Differences between these security testing approaches

There is confusion around the differences between breach and attack simulation, penetration testing and red teaming. Read this blog post for a clear comparison.

Photo by Jeff Lemond on Unsplash

December 19, 2022

Jason Chavarría


How BAS solutions work, their importance and benefits

Learn about what breach and attack simulation is, how it works, why we need it for security testing and its benefits for defending against advanced threats.

Photo by Dima Pechurin on Unsplash

November 30, 2022

Felipe Ruiz


Open the door to security as a quality requirement

Discover what is usually seen as code quality, why we believe this concept should include security and some recommendations to develop high-quality code.

Photo by Museums Victoria on Unsplash

November 25, 2022

Felipe Ruiz


Use of automated tools only? Don't stick to your guns!

In this blog post, we present some differences between automated and manual code reviews and emphasize the latter and the procedures performed by the reviewers.

Photo by Ga on Unsplash

November 22, 2022

Felipe Ruiz


And round it off with our Secure Code Review

Check out some best practices for secure coding your developers can start applying and how our Secure Code Review can complement them.

Photo by Maxim Hopman on Unsplash

November 16, 2022

Jason Chavarría


Why measure cybersecurity risk with our CVSSF metric?

We present some of the flaws of the traditional measure of cybersecurity risk and introduce CVSSF, the risk-exposure-based metric with which we overcome them.

Start your 21-day free trial

Discover benefits of our Continuous Hacking solution, which hundreds of organizations are already enjoying.

Start your 21-day free trial