Innovative Minds - On Point - One Group  

Vulnerability Management

This is the blog for MindPoint Group's Information Security & Privacy (ISP) division. We hope to use this to contribute to and debate ideas among the ISP community.
06
Dec
2018

REST Assured: Penetration Testing REST APIs Using Burp Suite: Part 3 – Reporting

By:

Welcome back to the REST Assured blog series for Part 3: Reporting. While often overlooked by security professionals, compiling reports is almost always required among penetration testers post-testing. That’s why today we’re going to review how to put all of our findings together and have a thorough paper trail. Reporting Using Burp Suite, it’s relatively

Read More

18
Nov
2018

REST Assured: Penetration Testing REST APIs Using Burp Suite: Part 2 – Testing

By:

Welcome back! In part 1 of REST Assured blog series, we discussed the definitions and history behind APIs, and we reviewed the proper configuring of Burp Suite for conducting security testing against them. In Part 2 of the blog, we’re going to be getting into the fun part: Testing. Testing I’ll preface the testing first

Read More

14
Nov
2018

REST Assured: Penetration Testing REST APIs Using Burp Suite: Part 1 – Introduction & Configuration

By:

Introduction: Hello and welcome to our 3-part blog series where we will take a dive into the technical aspects of conducting exhaustive penetration tests against REST API services and generating reports based on what tests were performed and what our findings are. Due to the subject matter being relatively technical, I’m taking some assumptions in

Read More

18
Jul
2018

A Tale Of Two Tools: When Splunk met SecurityCenter

By:

Co-Authors:  Keith Rhea and Alex Nanthavong It was the best of times, it was the worst of times, it was the age of technological advancements, it was the age of attack, it was the epoch of cybercrime, it was the epoch of opportunity, it was the season of Remediation, it was the season of Exploitation,

Read More

05
Jul
2018

Hardware Vulnerability: Understanding Spectre, Meltdown and the Price of Unchecked Modernization

By:

Firewalls, encryption, antivirus software, armed security guards, dual authentication and every other added security mechanism that exists to secure data, do so to protect data from unauthorized access. Most bugs and viruses exploit weaknesses through a lapse in software or by targeting a specific operating system. However, less than a week into 2018, a different

Read More