Security testing (including scanning, penetration testing, red teaming, and more), is often seen as a compliance bug bear. However, if your security team wants to provide a level of assurance to the business that if an attack was to take place, you are well placed to both defend and detect it, it is essential that you perform the right kind of testing for your business. In this post, we’ll take a look at the types of testing you should be deploying within your organization by explaining what each type of test does and what it can (and can’t) deliver for you.
By Michael Fratello, Security Consultant at Nettitude
Since the WannaCry ransomware outbreak in May 2017, many people have been wondering what will be next…
The use of a sophisticated exploit that enabled the worm element to propagate was both clever and worrying. But the relatively unsophisticated ransomware attached to it meant that for many people, the impact was containable by simply patching systems.
Companies are dreading the news that they are being held to ransom, especially if it is through a more sophisticated mechanism which may not so easily be stopped or halted, or for those that acknowledge that their protection is not as up to date as it should be.
The WannaCry malware is a good example of how an attacker can take advantage of a vulnerability and a recent exploitation tool that has been made available to the public.
Topics: Research & Innovation