a guest May 5th, 2018 290 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
- Hey guys,
- I need your advice. I'm a part of a small code shop in the Portland area. Recently, one of our clients requested that we undergo penetration testing of both our product and our offices. We didn't think much of it, met the hackers, defined a scope and went on with our lives.
- Unfortunately, less than two weeks later we received the results of the testing when our development lead got an email containing pictures of every single member of the development team (coming from their laptop web cams).
- The hackers took our entire office network apart, showing us that they had access to emails, passwords, and even had full access to both test and production databases.
- Now the good news is that these guys were paid to do this, and they were very nice about pointing out places where we could improve, but it's scary to think what would have happened had these been more malicious people.
- Mike and Chris, would you guys know of any resources or be able to recommend any places that offer good training in security? As a developer, I often feel that security is removed from what I do but clearly I need to get better at it.
- Keep up the good work
- - Jacob
RAW Paste Data