With Security, sometimes Sacrifices need to be made.

April, 2012

SQLi and Requirements Traceability (FISMA)

An important but often tedious part of completing a security testing engagement is writing the report. When compiling the report, assembling and assigning traceability between identified vulnerabilities or weaknesses and security controls/requirements can be difficult to perform consistently. This will be the first in a series of posts on assisting in maintaining traceability between identified […]

News Flash! Testers Say More Testing is Needed.

There are two organizations which have provided me with formalized training to perform security testing; initially it was through the SANS Institute where I completed a number of their classes and passed a number of certifications and then more recently through the Black Box Software Testing (BBST) course from the Florida Institute of Technology with […]