|
|
Security Basics
Binary Analysis with Internal Solutions Jul 24 2012 03:14PM nschroedl mtiorg com (3 replies) RE: Binary Analysis with Internal Solutions Jul 24 2012 04:35PM Simon Thornton (simon thornton info) (2 replies) RE: Binary Analysis with Internal Solutions Jul 24 2012 07:30PM Mikhail A. Utin (mutin commonwealthcare org) (2 replies) RE: Binary Analysis with Internal Solutions Jul 25 2012 09:00AM Simon Thornton (simon thornton info) RE: Binary Analysis with Internal Solutions Jul 24 2012 07:43PM David Gillett (gillettdavid fhda edu) (1 replies) RE: Binary Analysis with Internal Solutions Jul 25 2012 08:25AM Simon Thornton (simon thornton info) (1 replies) RE: Binary Analysis with Internal Solutions Jul 27 2012 02:44PM Mikhail A. Utin (mutin commonwealthcare org) RE: Binary Analysis with Internal Solutions Jul 24 2012 05:56PM Nick Schroedl (NSchroedl mullen-group com) (1 replies) |
|
Privacy Statement |
good guys need to be the first to do it.
2.) Depending on the number of instructions, reversing a binary could
take a huge amount of time. I would make binary analysis a separate
service so that it will not hinder the progress of vulnerability
testing.
3.) If these are internal apps, consider source code analysis. It can
be automated. That makes it a scalable, repeatable service.
-jon
-----Original Message-----
From: listbounce (at) securityfocus (dot) com [email concealed] [mailto:listbounce (at) securityfocus (dot) com [email concealed]]
On Behalf Of nschroedl (at) mtiorg (dot) com [email concealed]
Sent: Tuesday, July 24, 2012 10:15 AM
To: security-basics (at) securityfocus (dot) com [email concealed]
Subject: Binary Analysis with Internal Solutions
Hello everyone,
A debate has been started in the office that I work in
over this question.
"Should binary analysis (i.e. reversing and fuzzing) be part of an
internal vulnerability and pen testing solution?"
There is mission critical custom in house software
solutions deployed here. My opinion is Yes, but others say it is a
waste of resources to go this deep into offensive security. Please send
your comments, and opinions so that I can either win/loose this debate.
Nick Schroedl
------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an
SSL certificate. We look at how SSL works, how it benefits your company
and how your customers can tell if a site is secure. You will find out
how to test, purchase, install and use a thawte Digital Certificate on
your Apache web server. Throughout, best practices for set-up are
highlighted to help you ensure efficient ongoing management of your
encryption keys and digital certificates.
http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442
f727d1
------------------------------------------------------------------------
------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.
http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442
f727d1
------------------------------------------------------------------------
[ reply ]