My background before taking the exam was two years of work at Fluid Attacks as a penetration tester, this means that I already had the know-how of a penetration test and how to build a technical...
Years ago, we faced something odd in a project: a customer was putting pressure on us while performing a One-Shot Hacking. The manager who hired us demanded preliminary results and made comments...
What is the best risk indicator? Bottom line: there is no "best", only different approaches to the same thing. Ultimately, it’s up to you. Here we will show the pros and cons of each so you can...
Usually, changing our beliefs is seen as a negative thing. But when those beliefs represent our state of uncertainty regarding a particular cybersecurity risk, you’d better use all the tools at...
In our previous article, we merely scratched the surface of the problem that quantifying risks poses, barely touching on concepts such as calibrated estimation, confidence intervals and specifying...
One of the least understood parts of a vulnerability is the risk it poses to the target. On the client side, it tends to get confused with impact and occurrence likelihood, due to devices like the...
The main problem encountered by an organization when they need to perform an Ethical Hacking is to establish the boundaries of the hacking. Delimiting the scope of an Ethical Hacking by time is a...