Frequently Asked Questions
Q: What is Black Watch Labs?
A: Black Watch Labs (www.perfectotech.com/blackwatchlabs/) is the first white hat resource for information about Web Application Security Management. Founded by Perfecto Technologies, Black Watch Labs will provide information - including alerts on newly discovered Web application security vulnerabilities - to security professionals and Web site administrators.
Q: Why did Perfecto Technologies form Black Watch Labs?
A: Black Watch Labs was created to further the state of knowledge about Web Application Security Management issues and to help Internet security professionals and Web site administrators protect their sites against hackers attempting to exploit Web application weaknesses.
Q: Why is Perfecto Technologies qualified to perform this service?
A: Perfecto Technologies is the leader in the Web Application Security Management market. In developing its AppShield™ product and evaluating the security environments of customers using Perfecto's AppAudit™ service, Perfecto has developed a great deal of Web Application Security Management expertise.
Q: How is Perfecto supporting Black Watch Labs?
A: Black Watch Labs is staffed by Perfecto's in-house team of Web application security experts and researchers. Black Watch Labs has also formed close ties with members of the Internet security community and provides links to other security information resources on the Web.
Q: How is Black Watch Labs disseminating information about security vulnerabilities?
A: Black Watch Labs maintains an up-to-date Web site with information about Web application security vulnerabilities, white papers, advisories and links to other security information resources. In addition, Black Watch Labs will e-mail advisories regarding newly discovered Web application security vulnerabilities to its mailing list of registered users. Security professionals may subscribe to the list at the Black Watch Labs Web site (www.perfectotech.com/blackwatchlabs/).
Q: What is the extent of the Web Application Security Management problem?
A: While difficult to measure precisely, the dimensions of the Web application security problem are quite large. According to the International Computer Security Association (ICSA), nearly 60% of all Web site hacks are Web application hacks.
Q: What are Web application hacks?
A: Put simply, Web application hacks exploit weaknesses in applications running on a Web site that arise when end users interact with the application in unexpected ways. In effect, hackers attempt to gain access to the Web applications directly through the Web site itself. Web application hacks typically exploit weaknesses in third-party products such as Web servers and application servers, and in internally developed code, such as Common Gateway Interface (CGI) programs.
Q: If they occur so often, why aren't Web application hacks more widely publicized?
A: For obvious reasons, companies with a Web site aren't anxious to publicize successful hacking attempts. In addition, because there are such a great number and variety of Web application hacks, successful hacks are often mistakenly written off as one-time, "freak" occurrences.
Q: Is it necessary to provide all of the details of a hacking exploit?
A: Yes. Full disclosure is essential. Security professionals require complete information in order to evaluate the validity of a hacking exploit and determine how best to defend against it.
Q: What do you do to alert the vendor of the vulnerability?
A: We always contact the vendor and give them a few weeks to respond. Some of them choose to fix it (see the DBMan advisory for example), and some of them don't. However, when the advisory gets published, the vendor will frequently fix it. So, overall the advisories not only educate security professionals on the problem, they also encourage vendors to fix the holes.
Q: Don't you run the risk of giving hackers the tools to do more damage?
A: Hackers already know how to hack. Black Watch Labs levels the playing field by giving security professionals the opportunity to prepare defenses against new hacking exploits.
Q: Does Black Watch Labs employ hackers?
A: No. Black Watch Labs employs security professionals who are dedicated to helping companies with Web sites defend themselves against hacker attacks.
Q: What is the origin of the name "Black Watch Labs"?
A: Following the Scottish rebellion in 1715, trustworthy Highlanders were chosen from loyal clans to suppress further rebellious activity. According to ElectricScotland.com:
"Many of the men who composed these companies were of a higher station in society than that from which soldiers in general are raised; men who felt themselves responsible for their conduct to high-minded and honorable families..."
Perfecto's Black Watch Labs is composed of trustworthy security experts who are protecting the integrity of the Internet by identifying and sharing Web application vulnerabilities before they can be exploited by unethical hackers.