Pro Bono Penetration Tests for Open Source Projects

Today I was hanging out in one of my favorite Slack servers and I decided to drop a small pitch for Paladin Security in the vendor-related channel. (Yes, I checked with the admin before I did so.) Someone popped up and asked me if I gave discounts for open source web apps. Huh… do I? I hadn’t really thought …

Scoping a Penetration Test

Last week I recorded a module about working with clients ahead of a penetration test for my upcoming online course, Breaking Web App Security. The module is a fairly straightforward discussion about the things we need to do as penetration testers before beginning any engagement. The section that I spent the most time on was scoping a penetration test. …

Vulnerability Assessment Versus a Penetration Test

The question of whether to do a vulnerability assessment versus a penetration test will probably come up as you look at your security testing plans. Some folks have a strong preference for one over the other, but both are valid if used appropriately and in the right situation. Deciding which to use is pretty straightforward. Let’s just jump into it. Vulnerability Assessment …

Penetration Testing Services Now Available!

I’m very excited to announce that Paladin Security is now offering penetration testing as part of our services! For the last 5 years I have been working full time as a penetration tester and consultant at Secure Ideas. Being a part of this incredibly talented team was exciting and a bit humbling at times. However, it was time for a …