A billion reasons to enhance your penetration testing
August, 2014, Mike Weber, Vice President, Coalfire Labs
There are so many questions regarding those leaked Russian passwords. Is this for real? What sites are on that list? How can you tell if your site’s users are in the “Russian Billion”? Isn’t this just a matter of changing user passwords? Bottom line: As a company with websites that have user accounts, what should you do?
War on Passwords? Check with Your QSA First!
March, 2013, Matt Getzelman, PCI Practice Director
Passwords have long been the workhorse of user authentication schemes, and many security experts are speaking out on the need for more effective controls. It seems like hardly a week goes by when we don’t see a password breach in the news.