Skip to content

{ Tag Archives } policy

Security Policy Gone Wrong

Another story from the trenches:

Client: “You will have to work on site for this job. The data you’re gonna work with is of course highly sensitive and confidential. We cannot risk any of it to leave the company premises.”

Ok, so at this point, you usually prepare yourself to disillusion the client about how secure large [...]

Also tagged , ,
2010 03 12 phof Fun Comments (0)

Advisory Release Policy

When RedTeam finds vulnerabilities in some generally available software, we go the usual way of writing advisories. These findings usually occur during pentests. We of course do not immediately release whatever we found to the public, but go through a process I want to describe in a little bit more detail here. I’m doing [...]

Also tagged , , ,
2009 06 16 phof Advisories
RedTeam Comments (0)