Finding Your Inner Evildoer

Finding Your Inner EvildoerThis whitepaper discusses the three pillars that every security testing foundation must have, according to Joe Basirico, Security Analyst at Security Innovation. These pillars include:

  • ImaginationA great imagination extends beyond the ability to imagine a system as it could be, but extends to envision the truly interesting bugs and vulnerabilities in a system. You need to be able to ask yourself "what’s really going on here?" and "how would I build this?"
  • Complete Knowledge of the System An awesome security tester has deep knowledge about everything that goes on in a computer system. There are so many things that can go wrong, be misconfigured, or be out of place. A good hacker needs to be able to quickly identify things that are out of place so they can assess the application for potential weaknesses.
  • Evil Streak - This is the ability to take a potential vulnerability to it's logical end. It's possibly the most important quality in a hacker. Not because it gives you some superhuman ability, but rather because it gives the spark that will drive the other two qualities.