Risk Acceptance 101: What Happens When Security Needs Go Unfunded?
The refusal of top leadership to fund security initiatives often translates to explicit, willful risk acceptance.
The Ugly Duckling’s Security Testing Transformation
Some are wary of the Ugly Duckling due to his advanced hacking abilities, but when it comes to security testing, he's really one of the good guys.
Don’t Sweep Web Application Penetration Testing Under the Rug
Although it is one of the most crucial components of any security strategy, web application penetration testing is often neglected.
Hello, My Name Is Space Rogue
IBM X-Force Red marked its first anniversary with the addition of security specialists, including Space Rogue, bolstering the team's talent roster.
IBM X-Force Red Turns 1, Expands Into Auto and IoT Practice Areas
Today IBM X-Force Red launches a collaboration with the Watson IoT Platform to help ensure that all IoT solutions get our special brand of hacker love.
Three Lessons From Test-Driven Development
Test-driven development was created to inspire security analysts and developers to reconsider the way they plan, design and test software.
New Security Ratings Could Help Bolster User Confidence
The decision by Consumer Reports to include security ratings in its product reviews could have implications for the way connected devices are designed.
Beyond Virtual: Vulnerability Testing Tools Now Hack Hardware
A new Metasploit hardware bridge enables IT professionals to hack their own hardware, reducing the complexity of device-based vulnerability testing.
Pros and Cons of Building and Maintaining In-House Pen Testing Capability
Security leaders must weigh the convenience and speed of in-house pen testing against the cost of maintaining a team to conduct security tests.
Identify Vulnerabilities in Your IT Infrastructure, Policies and Procedures Before the Bad Guys Do
Penetration testing is one of the most effective ways to monitor the security of your IT environment and identify vulnerabilities.