
Black Swan Security

A blog about cybersecurity.

Tag: testing

May 31, 2012 | June 16, 2012 | Phil

Making sense of pen testing, part two

Testing

This is the second in a series of posts looking at the current state of pen testing as I see it and presenting some ideas for the future. Part one is available here. In this post I will explore some of the issues I see in pen testing, it’s something…

May 23, 2011 | February 4, 2014 | Phil

What I need from pen test reports.

Testing

I get a lot of pen test reports to read. They vary from beautifully crafted prose extolling the skilled exploitation of the system by security testing artistes to functional dumps of tool output into a word format by jobbing vulnerability scanners. Usually I read that report once, I use the…


This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 United States License.