Sunday, September 29, 2013

1. Network Penetration testing Guide: Risk assessment is a critical first-step in the information security lifecycle. Network penetration testing offers an invaluable way to establish a baseline assessment of security as it appears from outside the organization's network boundaries. (Requires free membership to view)

2. How to hack anything in Java: By Arshan Dabirsiaghi, Director of Research, Aspect Security. The white paper is about testing the security of Java applications which is considered practically more difficult than a similar browser-based client because inspecting, intercepting and altering application data is easy in the browser.

3. Mcafee on iPhone and iPad Security: This paper focuses specifically on helping security professionals understand the nuances of penetration testing iPhone/iPad applications. It attempts to cover the key steps the reader would need to understand such as setting up the test environment, installing the simulator, configuring the proxy tool and decompiling applications.

4. Engineering Principles for Information Technology Security: The purpose of the Engineering Principles for Information Technology (IT) Security (EP-ITS) is to present a list of system-level security principles to be considered in the design, development, and operation of an information system. 

5. A Good Collection of White papers on security and vulnerabilities: Not a white paper in itself but this site is a collection of white papers from different sources and some of these white papers are really worth referring. 

No comments:

Post a Comment