Security vs. Ease of Use – Do we have to fight?

One thing no security practitioner will argue with is that there has always been a struggle balancing security vs. ease of use when implementing technology solutions. In meeting after meeting, a recurring theme is “{This group} will never agree to doing...
What color do you want your pentest?

Recently, VDA was conducting an enterprise software security engagement where we were looking closely at the internal software security practices of a large enterprise. Through that work I got to spend a lot of time with a document called the BSIMM, which is a study...
Meet Our Droids: Penetration Testing Dropboxes

When VDA Labs conducts internal penetration tests, application security assessments, or product security reviews, we typically use what we call a ‘dropbox’ to grant our team members access to the network or system that we are testing. These might...
Rails Vulnerabilities and Where To Find Them – Part 2

Picking up where we left off last week (check out Rails Vulnerabilities and Where To Find Them – Part 1 if you have not), we will be taking a look at some additional common security issues with Ruby on Rails applications and where they are typically found within...