Bridging The Security Gap
The South by Southwest event in Austin Texas featured a conference call on stage between Edward Snowden and Christopher Soghoian, privacy researcher and activist. During this conference call Snowden called developers the firefighters of the internet. He stated that agencies such as the NSA are “setting fire to the future of the internet”. Soghoian replied by saying: “We need to lock things down.
During our penetration testing activities, we are often confronted with environments that are constructed using off-the-shelf or open source third-party components / frameworks. Although off-the-shelf or open source may suggest a certain level security, we always advise to include such elements in the scope of the test, as you never know what you may find.