Rauli KaksoneninOUSPGAgile security testing — pentest and automateIn this post, I explore the idea of agile security testing, performing penetration testing first and then designing security test casesJun 3, 2021Jun 3, 2021
Rauli KaksoneninOUSPGBottom-up security testing — security in all levelsSecurity testing is often seen as a top-down activity, which starts with threat and risk assessment and proceeds towards the details of…Apr 6, 2021Apr 6, 2021
Rauli KaksoneninOUSPGSecurity design with principlesIn this post, I go through some well-known secure design principles and how they could be applied to create useful security requirements…Mar 2, 20211Mar 2, 20211
Rauli KaksoneninOUSPGReduce vulnerabilities by improving security requirementsPreviously, in the post “Turning tables with attackers; from fixing vulnerabilities into fixing weaknesses”, I discussed the merits of…Feb 8, 2021Feb 8, 2021
Rauli KaksoneninOUSPGTurning tables with attackers; from fixing vulnerabilities into fixing weaknessesShould we fix vulnerabilities or weaknesses?Jan 26, 2021Jan 26, 2021
Rauli KaksoneninOUSPGNative command-line experience for containerized toolsWhat are containerized tools?Oct 27, 2020Oct 27, 2020
Rauli KaksoneninOUSPGShades of open source infosec toolsThere are a lot of useful open source infosec tools for tasks like network administration, malware analysis, forensics and incident…Aug 28, 2020Aug 28, 2020