home_banner `

Content Icon

Poll: Entry-Level Web App Pen-Testing Tools

November 30, 2018 | Ask-An-Expert | Penetration Testing and Red Teaming

For a team with little experience and time, what tools are best for running effective pen-tests against web applications? In this Viewpoints report, IANS Faculty Josh More, Kevin Johnson, Jason Gillam, Jared DeMott and Adam Shostack recommend some free and paid tools, but also underscore the need for good training. 


Already a client?

Log In to Continue

Not a client?

Request More Information

Related Research

Container Tools for AWS: An Overview

The market for container tools - and container monitoring tools -- is growing fast. In this Ask-an-Expert written response, IANS Faculty George Gerchow provides an overview of the space and recommends going with tools like Docker and Kubernetes.

Establish Governance Over APIs and Containers

If approached the right way, the move to APIs, containers and DevOps can actually result in better alignment between development and security. In this Ask-an-Expert written response, IANS Faculty Justin Leapline says the key is to focus on ensuring secure configuration and development, solid change management and reliable monitoring/response processes. 

Using MITRE ATT&CK™ for Coverage and Effectiveness Assessments

The MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK™) Framework is fast becoming the go-to model for known cyber adversary behavior, reflecting the phases of the attack lifecycle as well as commonly targeted platforms. In this webinar, TrustedSec CSO Practice Lead Rockie Brockway and TrustedSec Senior Consultant Rick Yocum walk through the framework’s components and how to put them to the best use when doing assessments in your organization.

Leverage the MITRE ATT&CK Framework Effectively

Many organizations are using MITRE’s ATT&CK framework to assist in threat modeling, threat hunting, purple teaming and more. In this report, IANS Faculty Mike Pinch details the many ways to leverage the framework to increase your security program’s effectiveness.