Childcare

How to Price a Penetration Test

By |2020-04-24T15:12:59-04:00October 8th, 2013|

This video provides and overview of the two most common methodologies for pricing a penetration test. How Much Should You Spend On Penetration Testing Services The most common question asked is "how much will it cost for you to deliver a penetration test to us?". [...]

Comments Off on How to Price a Penetration Test

Whistleblower Series – Don’t be naive, take the time to read and understand the proposal.

By |2020-03-31T10:27:22-04:00May 16th, 2013|

In our last whistleblower article, we showed that the vast majority of Penetration Testing vendors don't actually sell Penetration Tests. We did this by deconstructing pricing methodologies and combining the results with common sense. We're about to do the same thing to the industry average Penetration [...]

Comments Off on Whistleblower Series – Don’t be naive, take the time to read and understand the proposal.

How to find a genuine Penetration Testing firm

By |2020-03-31T10:27:31-04:00May 3rd, 2013|

There's been a theme of dishonesty and thievery in the Penetration Testing industry for as long as we can remember.  Much in the same way that merchants sold "snake-oil" as a cure-all for what ails you, Penetration Testing vendors sell one type of service and brand [...]

Comments Off on How to find a genuine Penetration Testing firm

The 3 ways we owned you in 2012

By |2020-03-31T10:27:38-04:00February 12th, 2013|

Here are the top 3 risks that we leveraged to penetrate into our customers' networks in 2012. Each of these has been used to affect an irrecoverable infrastructure compromise during multiple engagements across a range of different customers. We flag a compromise "irrecoverable" when we've successfully taken administrative control [...]

Comments Off on The 3 ways we owned you in 2012

Quality Penetration Testing by Netragard

By |2020-03-31T10:30:04-04:00February 22nd, 2011|

The purpose of Penetration Testing is to identify the presence of points where an external entity can make its way into or through a protected entity. Penetration Testing is not unique to IT security and is used across a wide variety of different industries.  For example, [...]

Comments Off on Quality Penetration Testing by Netragard

Netragard’s thoughts on Pentesting IPv6 vs IPv4

By |2020-03-31T10:30:26-04:00January 14th, 2011|

We’ve heard a bit of “noise” about how IPv6 may impact network penetration testing and how networks may or may not be more secure because of IPv6.  Lets be clear, anyone telling you that IPv6 makes penetration testing harder doesn’t understand the first thing about real [...]

Comments Off on Netragard’s thoughts on Pentesting IPv6 vs IPv4

Security Vulnerability Penetration Assessment Test?

By |2020-03-31T10:34:14-04:00June 14th, 2010|

Our philosophy here at Netragard is that security-testing services must produce a threat that is at least equal to the threat that our customers are likely to face in the real world. If we test our customers at a lesser threat level and a higher-level threat [...]

Comments Off on Security Vulnerability Penetration Assessment Test?

REVERSE(noitcejnI LQS dnilB) Bank Hacking

By |2020-03-31T10:34:57-04:00May 16th, 2010|

Earlier this year we were hired to perform an Overt Web Application Penetration Test for one of our banking customers (did you click that?).This customer is a reoccurring customer and so we know that they have Web Application Firewalls and Network Intrusion Prevention Systems in play.We [...]

Comments Off on REVERSE(noitcejnI LQS dnilB) Bank Hacking

Social Engineering — Its Nothing New

By |2020-03-31T10:38:20-04:00September 22nd, 2009|

With all the recent hype about Social Engineering we figured that we’d chime in and tell people what’s really going on. The fact is that Social Engineering is nothing more than a Confidence Trick being carried out by a Con Artist. The only difference between the [...]

Comments Off on Social Engineering — Its Nothing New

ROI of good security.

By |2020-03-31T10:44:57-04:00January 2nd, 2009|

The cost of good security is a fraction of the cost of damages that usually result from a single successful compromise. When you choose the inexpensive security vendor, you are getting what you pay for. If you are looking for a check in the box instead [...]

Comments Off on ROI of good security.