DECEMBER 27, 2011

2011 Blog Rewind: Network Security Testing

By Kyle Flaherty

During these last two weeks of the year we are recapping some of the most popular topics covered on the blog during 2011. Today we take a look at network security testing and blog posts that detailed some of the very latest in security research. The threat landscape continues to shift radically because we have to worry about more sophisticated attacks, evolved use of vulnerabilities, and an expanded target with the growth in mobile malware. This made for some very interesting blog posts.

These are some of the topics that made our list of network security testing blog posts for 2011:

From Patch to Proof-of-Concept: MS10-081

In this blog post, one of the most read of 2011, we look at how our security research team reverse engineered a Microsoft patch to understand a vulnerability, then we go through the proof-of-concept exploit. And at the end of the post a screencast shows you how to execute the exploit yourself.

The CISO's Guide to Reducing Mobile Malware Threats

By 2015, more people will access the Internet through a mobile device than through a wired Ethernet connection. Unfortunately, adoption of good security habits isn’t keeping pace with the adoption of mobile computing. In this two-part series we provide some insight into the overall threat of mobile malware and pragmatic tips on how enterprises can educate employees to stop the spread of this hazard.

Creating the Son of Stuxnet

Many people thought Stuxnet, and SCADA-based attacks in general, were a rare danger and one they should not worry about. However, after the latest rounds of SCADA attacks on U.S. infrastructure, this topic has again become critical for network security. In this post Pam O’Neal and Mike Hamilton actually recreate Stuxnet and use it to test the resiliency of infrastructures.

Microsoft UDP Vulnerability: A Tester’s Perspective on MS11-083

Again our security research team shows off their chops and takes a look at a Microsoft UDP vulnerability. But this time we show how to use our testing equipment to recreate this vulnerability in a matter of hours, when some people thought it would take days to simulate. And we also show some possible concerns your company might have about the vuln.

Application and Threat Intelligence: Network Testing with Current Applications and Attacks

The application traffic and security threats traversing networks and data centers evolve all the time. This we know. But what a lot of folks don’t know is how up to date their testing gear is when it comes to the latest application and threat intelligence. Our colleague Steve McGregory provided an inside look into the BreakingPoint Application and Threat Intelligence (ATI) research team and how they keep our users up to date with the very latest intelligence.

Additional Blog Rewind 2011 Topics:

2011 Blog Rewind: Mobility Testing

2011 Blog Rewind: DDoS Testing

2011 Blog Rewind: Network Security Testing

Posted by Kyle Flaherty
Bookmark and Share Printer Friendly Create PDF
0 comments
Tags: Cyber Security // Network Security Testing //
Post a Comment
  7. Leave this field empty

Required Field

Videos

More >


Interact







Google+		 LinkedIn

YouTube

Newsletter


Subscribe to BreakingPoint Labs blog by email:

Type in your email, hit submit and quickly verify your address.