Exploits and Offensive Techniques in TeamMentor

Sometimes people ask if there are exploits or the latest offensive techniques in TeamMentor. The short answer is no. It doesn’t seem like an appropriate place for that type of information, because the focus is on preventing vulnerabilities. Preventing vulnerabilities makes exploits and offensive techniques irrelevant.

There may be some value to describing some attack scenarios so that people understand the threats better and how to defend from them, but it’s not necessary to describe any specific exploits or techniques to do that.

There is a strange appeal to talking about exploits and attack techniques; for some reason these things tend to draw a lot of attention. In practice, they are actually very simple, especially for web application.

Information about tools is another popular request. Generally speaking, preventing vulnerabilities is not accomplished by tools, but rather by following simple and proven methods during application development. Carrying out attacks often involves tools, but often custom tools and exploits have to be developed, so again focusing strictly on the existing and mature tools isn’t very practical.

There is clearly demand for information about active threats and a blog seems like a more appropriate medium for it than TeamMentor. TeamMentor is focused on enduring principles and preventative/remediation/compliance solutions. A blog is more appropriate for time-sensitive, rapidly changing, and specific information.


One thought on “Exploits and Offensive Techniques in TeamMentor

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s