The Blog

Penetration testing should be drastically different than your vuln management program. Sure - there might be some overlap between exploitable vulnerabilities, but those similarities end at 10:15 on Monday morning.

While LLMNR and NBT-NS provide convenient name resolution services on local networks, especially in environments where DNS configuration is minimal or non-existent, they also present significant security vulnerabilities.

Goal-based penetration testing from Strategic Defense is a blend of offensive security testing that serves to highlight an organization's real-world risk.