A new memo issued to federal agencies by the White House OMB pushes them to embrace more practices that will empower them with enterprise security metrics, a paradigm that Core Security is also putting its weight behind.
Three of the IT security industry's most respected leaders have signed-on to help guide our future plans. They've done so because they already share our vision for the future of enterprise security testing and measurement.
In Windows systems, path and filename normalization routines have some interesting quirks. In his upcoming ShmooCon presentation, Core's Dan Crowley will demonstrate how these quirks can be used to bypass filters and access control mechanisms, evade IDS detection, alter the way that files are handled and processed, and make brute force attacks to enumerate files easier.