An Introduction to Active Defense

Global research and advisory firm, Gartner, forecasts that information security spending will exceed $124 billion in 2019, yet cyber defenses continue to fail. Organizations large and small continue to experience breaches of all varieties resulting from zero-day exploits, failures in vulnerability patching, and phishing. The market has responded with a variety of security governance and[…]

Managing an Organization’s Passwords

How to keep the keys to the kingdom from escaping the kingdom. Proper password management is a huge step that an organization can take to strengthen security. It also addresses multiple criteria for all the major security frameworks. For example, see examples from ISO 27001 and SOC 2 as of the date of this writing:[…]

If It Can Talk to Networks, It Can Walk Across Them

Why the Internet of Things is a penetration tester’s most valuable asset. As technology moves at a seemingly exponential rate of growth and changes every day, more and more devices are being developed to contain additional “customer-savvy” features. Collectively termed the Internet of Things (IoT), this new wave of technology is vast. Where historically a[…]

ISO 27001: Understanding Security Roles and Responsibilities and Why They Are Vital to the Success of Your Security Program

When building your Information Security Management System (ISMS) as part of ISO 27001 program implementation one of the most important elements of the system of management for your security program is ensuring all stakeholders understand their roles and responsibilities. (If you are unfamiliar with ISO 27001 and the “ISMS” you can  read our whitepaper on[…]

Why You Need Penetration Testing

Capital One’s recent data breach is only the latest in the perennial series of high-profile data breaches that have occurred in the last few years.  What do Equifax, Home Depot, Target, and others have in common?  Great security programs with high-quality and competent people running them. These companies experienced data breaches despite putting forth their[…]

Vulnerability Management Makes it Harder to for Hackers to Exploit Your Systems

From a penetration tester’s perspective, there are a few things that quickly indicate an organization’s maturity (and the likelihood our team will be able to exploit their environment). If any of these exist, the chance we will be able to successfully breach their environment increases: Indicators a Hacker Can Breach Your Systems Aging Infrastructure One[…]

Diversion Tactics: Using Vulnerable Windows Servers to Fool Hackers

Windows Servers are practically irresistible to hackers everywhere. This makes the lone Windows Server a perfect candidate for a honeypot. In this post we explore how to use a Windows Server to divert a hacker’s attention from what matters than by giving them what they think is an easy win!

Understanding Phishing and How to Stop the Scam

Phishing is when a malicious individual, using email, impersonates a sender that an internal user would have familiarity with, sometimes targeted towards highly specific personnel (Spear Phishing), to execute their intent. Attackers can do this by spoofing their email address to make it appear as though it is coming from a trusted source. Low level[…]

Beyond Vulnerability Scans: Mitigating and Monitoring for Malware Leveraging C2 Systems

Many modern forms of malware are now file-less and rely on Command & Control (C2) infrastructure to assist outsiders with gaining unauthorized access to networks. This malware “phones home” to remote attackers, who then leverage the internal foothold to infiltrate networks and execute attacks. These attacks can be difficult to detect when security monitoring is[…]

Securing Enterprise Networks with Port-Based Network Access Control

One of the biggest threats facing enterprises are outsiders plugging directly into an Ethernet port and being granted instant, unauthenticated access to the network. This threat is especially common in hospitals where there is heavy use of computer systems mixed with untrusted outsiders roaming the halls. Shutting down unused ports is the traditional mitigation. Still[…]