Intrepidus Group

Monthly Archives: October 2007

Myth Buster II: We’ve Never Been Hacked

Posted: October 31, 2007 – 4:16 pm | Author: | Filed under: Techno, Web Apps

“We’ve never been hacked.” Those words are generally what let IT people sleep at night (or take long breaks to go play Guitar Hero). While it gives everyone a nice warm, fuzzy feeling like a lolcat, how would you know that it is true? Cause you haven’t had a customer complain about a strange transaction? […]

Myth Buster I: Input Validation is a Panacea

Posted: October 29, 2007 – 10:14 am | Author: | Filed under: Techno, Web Apps

Till a couple of years ago, the input validation wand could be waved to solve almost any application security flaw – XSS, SQL Injection, Response Splitting, and the list goes on. That made it easy to become an application security consultant. If you could chant the “Input Validation” mantra you would be right most of […]

Mobile Security: Passwords (you are still the weakest link)

Posted: October 17, 2007 – 1:25 pm | Author: | Filed under: Conferences, Mobile Security, Security Management

Here at Intrepidus Group, we do a lot of mobile application security reviews.  Much like standard web application reviews, some clients consistently turn out very secure apps.  However some apps have a detailed finding list longer then a copy of War and Peace.  One trend can often be seen across applications regardless of the client’s […]

Baiting the Hook, Sneak Peek at

Posted: October 10, 2007 – 12:22 pm | Author: | Filed under: Phishing, Security Management, Tools

If you’ve been noticing a little silence on the blog recently, it’s been because a lot of the ranting has been going into developing what we think is a great anti-phishing user awareness tool. Take a peek at our main site at Conducting ethical phishing attacks has never been easier. User awareness will be […]


This site is protected with Urban Giraffe's plugin 'HTML Purified' and Edward Z. Yang's Powered by HTML Purifier. 24799 items have been purified.