Ari Takanen
Ari Takanen is founder and CTO of Codenomicon (www.codenomicon.com). Since 1998, Ari has focused on information security issues in next-generation networks and other security critical environments. He began this work at Oulu University Secure Programming Group (OUSPG) as a contributing member to PROTOS research. His current company, Codenomicon Ltd. provides commercial solutions for security testing of communication devices and networks. Ari has been speaking at numerous security and testing conferences, and has been invited to speak at leading universities and international corporations.
- Company: Codenomicon
- Industry: Tech: Manufacturing - Hardware/Software
- Job title: CTO
- Company size: 50 - 99
- Country: Finland
SecurityFocus
Thank you for the
Thank you for the definitions for each of these. Unfortunately still today, there are as many definitions as there are security consultants. As my background is in fuzzing, I do not really agree with these definitions. If we do an assessment, we run tools (our own fuzzers, and other available fuzzers and non-fuzzers from other companies) to mostly find unknown vulnerabilities. We can find known issues also, but that is not the purpose of the assessment. This in most cases is an "audit" (or assessment, or test, or review) against a carefully designed test specification, sometimes dictated by the industry and in almost every case pre-run in similar form by an another party. Often this is part of a certification process. And yes, the tools are very similar to what a hacker would use in what you call "penetration test".
Build your tech library with our book giveaways.
Windows PowerShell 2.0 Unleashed
By Tyson Kopczynski, Pete Handley, Marco Shaw; Published by Sams
Windows PowerShell Unleashed will not only give you deep mastery over PowerShell but also a greater understanding of the features being introduced in PowerShell 2.0–and show you how to use it to solve your challenges in your production environment. Enter now!
Ubuntu Server Administration
By Michael Jang; Published by McGraw-Hill Osborne Media
Realize a dynamic, stable, and secure Ubuntu Server environment with expert guidance, tips, and techniques from a Linux professional. Ubuntu Server Administration covers every facet of system management -- from users and file systems to performance tuning and troubleshooting. Enter now!
Digium definitely touches
Digium definitely touches many of the points I made in the original post as it is kind-of free and kind-of open source. Motivation for a QA budget can be problematic when you cannot really show any return for the investment (i.e. more sales).