all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

As a pen tester, how do you want to engage with a client?

Add to bookmarks
June 7, 2023, 1:40 a.m. | /u/Bitruder

cybersecurity www.reddit.com

We recently underwent a pen test and some of the results were confusing. We had a MEDIUM vulnerability because our website has port 80 open that redirects to 443. I thought that HSTS with preload wasn't officially supported? I brought this up and they just said "We consider port 80 traffic to be unsecure and thus a vulnerability". Second, they suggested that we are subject to javascript injection because they put a script tag in a field and then, since …

client cybersecurity hsts medium pen pen test port redirects results test thought vulnerability website

Visit resource

More from www.reddit.com / cybersecurity

How to Detect a GIFshell Attack: Step-by-Step Guide 2 hours ago | www.reddit.com
attack cybersecurity detect gifshell +1
Security Engineer 9 hours ago | www.reddit.com
account analyst cybersecurity detect +18
Active Directory Security A Concern? 10 hours ago | www.reddit.com
active directory active directory security cloud cybersecurity +8
NSA security designer goes to jail for sharing top secret files 12 hours ago | www.reddit.com
cybersecurity designer files goes +7
Thousands of Airsoft players under threat after data breach 12 hours ago | www.reddit.com
breach cybersecurity data data breach +3
Hackers of all kinds are attacking routers across the world | TechRadar 12 hours ago | www.reddit.com
cybersecurity hackers routers world
🤣 Ivanti is hiring an Offensive Security Engineer 13 hours ago | www.reddit.com
assessment cybersecurity old team +3
Migrating to Australia as a cybersecurity consultant 16 hours ago | www.reddit.com
australia clients consultant cybersecurity +11
Why is an entry level job so hard to get? 17 hours ago | www.reddit.com
automatic cybersecurity don down +7

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

SITEC- Systems Security Administrator- Camp HM Smith

@ Peraton | Camp H.M. Smith, HI, United States
View on infosec-jobs.com

Cyberspace Intelligence Analyst

@ Peraton | Fort Meade, MD, United States
View on infosec-jobs.com

General Manager, Cybersecurity, Google Public Sector

@ Google | Virginia, USA; United States
View on infosec-jobs.com

Cyber Security Advisor

@ H&M Group | Stockholm, Sweden
View on infosec-jobs.com

Engineering Team Manager – Security Controls

@ H&M Group | Stockholm, Sweden
View on infosec-jobs.com
View more jobs