What is the best AI ChatBot to use for Penetration Testing (Part One)
Our earlier Red Cursor blog articles on how to use ChatGPT to aid with Penetration Testing have given our team cause to pause and wonder, what is the best AI Chatbot for aiding in pen testing? Unsurprisingly, our research has led to many more questions, so for a bit of foreshadowing, we will need to… Continue reading What is the best AI ChatBot to use for Penetration Testing (Part One)
How AI Chatbots can Expedite Penetration Testing Service Delivery
ChatGPT is an artificial intelligence (AI) language model developed by OpenAI that is capable of generating human-like responses to natural language input. It is based on the Generative Pre-trained Transformer (GPT) architecture and has been trained on a vast amount of text data, enabling it to understand and generate coherent and relevant responses to a… Continue reading How AI Chatbots can Expedite Penetration Testing Service Delivery
Is Your Business Balancing API Productivity Gains with Risk Mitigation?
APIs are a critical component of any digital business, sharing information between various software solutions and streamlining and improving business productivity through system integration. They allow modularity in development projects, increase the scalability of the business and in theory should enhance your software security. API security breaches have become increasingly common in recent years, with… Continue reading Is Your Business Balancing API Productivity Gains with Risk Mitigation?
Penetration Testing Frequently Asked Questions
When is penetration testing required? You have developed an application (in-house or outsourced), purchased an application (commercial off the shelf product), or purchased a software as a service (SaaS) and have concerns or compliance requirements regarding the security of the application or data stored. These concerns can be broadly categorised, in that an adversary or… Continue reading Penetration Testing Frequently Asked Questions
Why is penetration testing required?
What is Penetration Testing? Penetration testing, whether it be black box or white box, is a form of risk assessment that aims to identify cybersecurity vulnerabilities and risks within a system. Usually, security is considered a balancing act between confidentiality, integrity and availability. Confidentiality being the ability of the system to keep personal information secret.… Continue reading Why is penetration testing required?
Penetration Testing and Web Application Firewalls
A Web Application Firewall (WAF) is a defence-in-depth mitigation against common web attacks by monitoring and filtering HTTP traffic. WAFs work by analysing the plaintext content of HTTP messages between the client and server to determine if the given message is malicious. If it’s deemed to be malicious, the WAF stops the message from reaching… Continue reading Penetration Testing and Web Application Firewalls
White Box Penetration Testing
There are two main ways to conduct penetration testing: black box and white box. Both provide different approaches to the methodology and require different levels of interaction from the client. White box can often return more findings while improving the tester’s efficiency. We’ve already covered black box testing in the first part of this two-part… Continue reading White Box Penetration Testing
Black Box Penetration Testing
Penetration testing – or pen-testing as we colloquially call it – is a crucial component to a robust security programme in any organisation. As management, it’s critical you understand where pen-testing fits into your programme and what it can do for your organisation. Equally important is what it can’t do, and how the different “flavours”… Continue reading Black Box Penetration Testing