Manufacturing

How to Price a Penetration Test

By |2020-04-24T15:12:59-04:00October 8th, 2013|

This video provides and overview of the two most common methodologies for pricing a penetration test. How Much Should You Spend On Penetration Testing Services The most common question asked is "how much will it cost for you to deliver a penetration test to us?". [...]

Comments Off on How to Price a Penetration Test

Whistleblower Series – The real problem with China isn’t China, its you.

By |2020-03-31T10:27:14-04:00June 10th, 2013|

Terms like China, APT and Zero-Day are synonymous with Fear, Uncertainty and Doubt (FUD).  The trouble is that, in our opinion anyway, these terms and respective news articles detract from the actual problem.  For example, in 2011 only 0.12% of compromises were attributed to zero-day exploitation [...]

Comments Off on Whistleblower Series – The real problem with China isn’t China, its you.

Whistleblower Series – Don’t be naive, take the time to read and understand the proposal.

By |2020-03-31T10:27:22-04:00May 16th, 2013|

In our last whistleblower article, we showed that the vast majority of Penetration Testing vendors don't actually sell Penetration Tests. We did this by deconstructing pricing methodologies and combining the results with common sense. We're about to do the same thing to the industry average Penetration [...]

Comments Off on Whistleblower Series – Don’t be naive, take the time to read and understand the proposal.

How to find a genuine Penetration Testing firm

By |2020-03-31T10:27:31-04:00May 3rd, 2013|

There's been a theme of dishonesty and thievery in the Penetration Testing industry for as long as we can remember.  Much in the same way that merchants sold "snake-oil" as a cure-all for what ails you, Penetration Testing vendors sell one type of service and brand [...]

Comments Off on How to find a genuine Penetration Testing firm

The 3 ways we owned you in 2012

By |2020-03-31T10:27:38-04:00February 12th, 2013|

Here are the top 3 risks that we leveraged to penetrate into our customers' networks in 2012. Each of these has been used to affect an irrecoverable infrastructure compromise during multiple engagements across a range of different customers. We flag a compromise "irrecoverable" when we've successfully taken administrative control [...]

Comments Off on The 3 ways we owned you in 2012

Thank You Anonymous

By |2012-04-23T08:00:46-04:00April 23rd, 2012|

We (Netragard) have been meaning to say Thank You to Anonymous for a long time now. With that said, Netragard does not condone the actions of Anonymous, nor the damage they have caused.   What Anonymous has demonstrated, and continues to demonstrate, is just how poorly [...]

Comments Off on Thank You Anonymous

Netragard’s Badge of Honor (Thank you McAfee)

By |2020-03-31T10:29:21-04:00November 15th, 2011|

Here at Netragard We Protect You From People Like Us™ and we mean it.  We don’t just run automated scans, massage the output, and draft you a report that makes you feel good.  That's what many companies do.  Instead, we "hack" you with a methodology that [...]

Comments Off on Netragard’s Badge of Honor (Thank you McAfee)

Netragard Challenges your PCI Compliance

By |2020-03-31T10:30:12-04:00January 25th, 2011|

The purpose of legitimate Network Penetration Testing is to positively identify risks in a targeted IT Infrastructure before those risks are identified and exploited by malicious hackers. This enables the IT managers to remediate against those risks before they become an issue. To accomplish this the [...]

Comments Off on Netragard Challenges your PCI Compliance

Netragard: Connect to chaos

By |2020-03-31T10:30:20-04:00January 16th, 2011|

The Chevy Volt will be the first car of its type: not because it is a hybrid electric/petrol vehicle, but because GM plans to give each one the company sells its own IP address. The Volt will have no less than 100 microcontrollers running its systems from [...]

Comments Off on Netragard: Connect to chaos

Netragard’s thoughts on Pentesting IPv6 vs IPv4

By |2020-03-31T10:30:26-04:00January 14th, 2011|

We’ve heard a bit of “noise” about how IPv6 may impact network penetration testing and how networks may or may not be more secure because of IPv6.  Lets be clear, anyone telling you that IPv6 makes penetration testing harder doesn’t understand the first thing about real [...]

Comments Off on Netragard’s thoughts on Pentesting IPv6 vs IPv4