Resources

Policy and Best Practices

Follow & Subscribe

Browse Classifications

Browse Categories

Browse Topics

Browse Tags

Latest Policy and Best Practices Resources

  • 5 min read
  • New

Attack Surface vs Attack Vector: Understanding the Difference

Penetration testing, or pentesting, simulates an attack on a system to evaluate its defenses. Vulnerability testing identifies and evaluates system security weaknesses.

Read more
  • 3 min read

Pentest Reports: Traditional Reporting vs. Continuous Pentesting

Vulnerability scanning as a service is a solution that uses cloud-based tools to identify vulnerabilities in an organization's digital infrastructure. read more →

  • 6 min read

Application Security Testing (AST): Technologies and Best Practices

Application security testing involves analyzing and evaluating software applications to identify vulnerabilities. read more →

  • 4 min read

How to Conduct a Security Risk Assessment in 6 Steps

Security risk assessment is a systematic process to evaluate potential threats and vulnerabilities affecting an organization’s critical resources. read more →

  • 6 min read

Top 8 Penetration Testing Types, Techniques, and Best Practices

Penetration testing is a simulated cyber-attack against a computer system, network, or application to evaluate its security posture. read more →

  • 4 min read

External Attack Surface Management: 5 Key Capabilities

External attack surface management (EASM) focuses on managing and securing an organization's digital assets exposed to external threats. read more →

  • 6 min read

7 Types of Web Application Testing and Building a Testing Strategy

Web application testing involves evaluating an application to ensure its functionality, security, and usability meet the required standards before deployment. read more →

  • 8 min read

Network penetration testing: what is it and why do you need it?

How your business will benefit from network penetration testing and why it’s important to conduct annual testing. read more →

  • 6 min read

How to Prepare for Penetration Testing

Preparing for a penetration test? This checklist will inform you on what to expect and what steps you should take to get the most out of your organization’s upcoming pentest. read more →

  • 6 min read

How To Securely Share Your Backups and Passwords Upon your Death

A tutorial on how to build a secure, distributed, and multiple authorization backup method to recovery your digital life. read more →

  • 7 min read

How to limit cleartext password storage and fix the issue in your organization

The key to our engagements often and unfortunately involve the discovery of credentials on internal network file shares. We’re going to show you how we find cleartext password storage problems and how to address them. read more →

  • 5 min read

Fourteen good reasons to require 14-character passwords

Password. Password123. Yea, you’ve seen them all when it comes to bad passwords. It comes standard when managing IT security. But while your organization likely requires special characters, uppercase letters and even a… read more →

Continuous Human & Automated Security

The Expert-Driven Offensive
Security Platform

Continuously monitor your attack surface with advanced change detection. Upon change, testers and systems perform security testing. You are alerted and assisted in remediation efforts all contained in a single security application, the Sprocket Platform.

Watch Demo Request Quote

Expert-Driven Offensive Security Platform

  • Attack Surface Management
  • Continuous Penetration Testing
  • Adversary Simulations