vPenTest is an automated and full-scale penetration test platform that makes network penetration testing more scalable, accurate, faster, consistent, and not prone to human error. Using vPenTest, organizations can now perform a penetration test at any time, allowing network administrators to evaluate their risks to cyber attacks in nearly real time.

University Federal Credit Union is a #diverse, member-owned cooperative that seeks to bring about #human and social development in full #accordance with International Credit Union Operating Principles. Laura Rea, Senior Manager Assurance Services at UFCU and the #Supervisory Committee were looking for a way to #tie together the #disparate security components and #review them collectively for a better look at the organization’s overall #security posture.

JUMPSEC Jargon Buster - What is the difference between a Vulnerability Assessment & a Penetration Test, Thom explains. Vulnerability assessments typically rely on vulnerability scanning tools to identify technical vulnerabilities making use of pre-configured test cases and signatures. A penetration test takes a contextual view of the target, combining many vulnerabilities and information sources in order to craft specific attacks with the goal of finding security weaknesses. Simply put a penetration test mimiks a skilled attacker, whereas a vulnerability assessment provides a baseline against common known weaknesses.

JUMPSEC Jargon Buster - Nikoo explains how Red Teaming differs from a Penetration Test. There are a number of ways that a red teaming exercise differentiate from a pen test. Firstly, the scope of standard penetration test is usually clearly defined with the goal to identify as many vulnerabilities as possible and attempt to exploit them on the stated targets during the engagement.

Do Not Allow COM Port Redirection will determine whether the redirection of data to client COM ports from the remote computer will be allowed in the RDS session. By default, RDS allows COM port redirection. It can be used, for example, to use a USB dongle in an RDS session.

JUMPSEC Jargon Buster - Courtney Cole explains what is the difference between external & internal Managed Vulnerability Scanning?

JUMPSEC Jargon Buster - Courtney Cole explains what a vulnerability scan is and why managed vulnerability scanning is different