How To

Advices for Hiring a Penetration Tester

This article, for a change, is intended not for hackers but for the CISOs amongst you. As a Chief Information Security Officer you have to endure a longer fight and a very complex array of systems in your organization, regardless of the ‘8th layer of the OSI model’ – the human layer. This article is intended to provide some advice on topics you should consider prior to...


How to Conduct a Safe PenTest

Introduction: This article is intended for the PenTest vendor as well as the PenTest receiver. The idea is to provide the reader with tips to follow in order to make sure that while you are conducting the pentest you do not harm the systems or their availability. These tips refer mostly to infrastructure or Web Application testing and not to protocol, application or other types of security tests....


SSH Hardening

In this tutorial we will look at ways to configure SSH to be more secure than it usually is. This tutorial will not bring anything new to the table; rather, it collects other tutorials and tries to explain the actions you are taking instead of just having you type commands. We’ll see how to make your Secure Shell really secure. SSH and Known Hosts – Built-In...
