Penetration Test according to MDR (Medical Device Regulation)

In Annex I, for “devices that incorporate electronic programmable systems and software that are devices in themselves”, the MDR requires verification and validation under point 17.2 that the product or software was developed according to the state of the art – from the perspective of IT security: For devices that incorporate software or for …

Penetration Test Requirements of Microsoft 365 App Compliance Program

Participating in the Microsoft 365 Certification App Compliance Program for Microsoft Teams applications, SharePoint Apps/Add-ins, Office Add-ins and WebApps requires performing a penetration test. In the Initial Document Submission, a company needs to submit supporting documentation and evidence. Besides other topics, a Penetration Testing Report is required. A penetration testing report completed within the last …

Better Pentesting – No Bullshit

Actually it should have been called BETTER PENTESTING – NO BULLSHIT, considering the advertising and sales promises of many pentesting providers. In a somewhat less brutal form, it became BETTER PENTESTING – NO NONSENSE, the new advertising slogan for pentesting by binsec GmbH. Advertisement: “We find all vulnerabilities!” Statement: “We perform penetration tests with Nessus.” A pentest …

Enterprise Security Magazine Europe: binsec recognized as one of the top Cyber Security Solution Providers

Today I received a very nice mail from Gloria with Enterprise Security Magazine Europe, telling me that binsec is recognized as one of the top Cyber Security Solution Providers. Hi Patrick, I am Gloria Lam with Enterprise Security Magazine Europe. I am excited to inform you that our magazine’s evaluation panel has shortlisted binsec to …

How to learn Kali Linux?

I read this a lot on the internet: I’m familiarizing myself with Kali Linux! I want to learn Kali Linux! I’ve already installed Kali – now what? But what is Kali Linux anyway? How to learn Kali Linux? And is it really right for it to be so much in the spotlight? What is …

Which pentest approach is best: whitebox, graybox or blackbox penetration test?

In the approach during a pentest – or actually in the amount and details of the information base made available to the penetration tester – three variants can be distinguished: whitebox, graybox and blackbox pentesting. The blackbox pentest corresponds pretty closely to the information base of a typical external attacker over the Internet. He only …

Penetration test requirements for sports betting licences by the Darmstadt regional council

In addition to an ISO 27001 certification, regular penetration tests of sports betting portals must be carried out for the sports betting licence by the Darmstadt regional council. The pen tests must be carried out according to the OWASP Testing Guide or the OWASP Testing Guide for web services. The penetration tester must be independent …