Vulnerability assessment vs pentest: What’s the difference?

You can expect any midlevel or higher security certification test to require you to compare and contrast a vulnerability assessment vs pentest. The difference is important. But since I still see people confusing the two, let me explain them.

I conduct vulnerability assessments for a living. I’ve done some light pentesting in the past, but I’m happier doing assessments. I don’t want to be a penetration tester. That seems strange to some people. Maybe that gives me a good perspective to compare and contrast the two, because both have their uses. But they aren’t interchangeable.

Read more

Cleanbrowsing.org review

Cleanbrowsing.org review

I’ve advocated using something other than your ISP’s DNS for years. There’s little if any downside to doing so, and tons of upside. My current favorite third-party DNS is Cleanbrowsing.org because it does so much to improve performance and security. Here’s my Cleanbrowsing.org review.

First things first: Don’t worry about how much Cleanbrowsing.org costs. It has useful tiers available as a free service, even though it’s tremendously valuable.

Read more

Should I buy a used Chromebook?

Should I buy a used Chromebook?

Should I buy a used Chromebook? I asked myself that question for years. And argued with myself about it. Finally I decided to take the plunge and bought one. Here are the pros and cons to buying a used Chromebook, and what you should look out for to protect yourself.

Overall I recommend them. For less than the price of a year of Lifelock, you can do something that really will make a difference in how secure your personal finance is.

Read more

Inherent risk definition

Inherent risk definition

Sometimes you’ll hear insurance professionals, banking professionals, computer security professionals, and other people who deal with risk talk about inherent risk and its counterpart, residual risk. If these are unclear to you, or you just need a refresher, you came to the right place. Let’s take a look at a simple inherent risk definition and example, as well as residual risk.

Read more

Budget pfSense build with workstation parts

Budget pfSense build with workstation parts

I’ve written about pfSense before. It’s a router project based on FreeBSD, a free Unix project that never gained the popularity of Linux but is perfectly capable in its own right. But it doesn’t run on router hardware. It’s designed to run on a PC. But a lot of pfSense builds get expensive. So let’s look at a budget pfSense build. Let’s see what we can do for around $100-$150.

I see a lot of pfSense builds with price tags of $300. If you’re OK with using used equipment, you can build a nice machine for half that. And you don’t have to give up quality either. In fact, I’ll argue that building one my way gains you quality. Let’s get to it.

Read more

WordPress Appliance - Powered by TurnKey Linux