.png)
PCI DSS Security Program vCISO CISO Risk Assessment Privacy SOC2 Penetration Testing HIPAA CCPA CIS Controls ISO27001 GDPR Red Teaming
Penetration Testing, Security Program, Risk Assessment
Ransomware is still a major threat. In fact, the Tactics, Techniques and Procedures (TTP's) of ransomware gangs have evolved so much that it has created new business models within the darknet where premium services such as Ransomware as a Service (RaaS) are offered. The reality
CISO, vCISO, Penetration Testing, HIPAA, Security Program, Risk Assessment
At the heart of your disaster recovery plan, organizations often disregard data backup and recovery systems when it comes to pen testing and maintaining security. Vulnerable backup systems make for an attractive target by ransomware gangs, grief/
PCI DSS, CISO, vCISO, Penetration Testing, HIPAA, Security Program, Risk Assessment, Red Teaming
Scope is an important shaping tool that, when leveraged properly, can help enhance engagement outcomes during penetration testing, red team and other security operations. Like any tool, however, when used incorrectly it can have devastating
PCI DSS, SOC2, vCISO, Penetration Testing, HIPAA, CIS Controls, Security Program, Risk Assessment, Privacy, CCPA, ISO27001
Application Program Interfaces (APIs) have changed in nature in recent years and are increasingly (and sometimes inadvertently) being made available to users of web services, the “Apps” (applications) on mobile devices, and internally for the web
PCI DSS, vCISO, Penetration Testing, Security Program
Introduction PCI DSS requires Internal, External Penetration testing, and Segmentation testing. But these terms are not crisply defined. In fact, “internal” is used elsewhere in the standard (for example internal vulnerability scanning) where it
Penetration Testing, Security Program, Risk Assessment
The case of the Marriott hack is, at once, an alarming prospect for the chain’s previous guests and an invaluable case study for any organization involved in any kind of merger. At the very least, it serves as a cautionary tale for businesses that
Penetration Testing, CIS Controls, Security Program, Risk Assessment
In these difficult times, as many of us adapt to the disruptive new-normal of distance working, a robust information security program becomes more important than ever.
Pentesting the People; social engineering is an easy vulnerability When it comes to penetration testing of an enterprise, you instantly think about all the cool tools and tactics used to enumerate the target and locate a possible vulnerability that
As an aspiring penetration tester, it is not always the extensive rootkits or the backdoor metasploit exploits that you need to focus on with every testing engagement. Sometimes, the best way in is to just try the front door. If you can learn to
The art of penetration testing is one that takes a lot of fore-learned knowledge about a specific technology and system in order to really understand how they can be exploited. There are many loopholes that will allow potential malicious actors an
Penetration Testing, Security Program, Risk Assessment
Ransomware is still a major threat. In fact, the Tactics, Techniques and Procedures (TTP's) of ransomware gangs have evolved so much that it ...
CISO, vCISO, Penetration Testing, HIPAA, Security Program, Risk Assessment
At the heart of your disaster recovery plan, organizations often disregard data backup and recovery systems when it comes to pen testing and ...
PCI DSS, CISO, vCISO, Penetration Testing, HIPAA, Security Program, Risk Assessment, Red Teaming
Scope is an important shaping tool that, when leveraged properly, can help enhance engagement outcomes during penetration testing, red team and ...
PCI DSS, SOC2, vCISO, Penetration Testing, HIPAA, CIS Controls, Security Program, Risk Assessment, Privacy, CCPA, ISO27001
Application Program Interfaces (APIs) have changed in nature in recent years and are increasingly (and sometimes inadvertently) being made ...
PCI DSS, vCISO, Penetration Testing, Security Program
Introduction PCI DSS requires Internal, External Penetration testing, and Segmentation testing. But these terms are not crisply defined. In ...
Penetration Testing, Security Program, Risk Assessment
The case of the Marriott hack is, at once, an alarming prospect for the chain’s previous guests and an invaluable case study for any ...
Penetration Testing, CIS Controls, Security Program, Risk Assessment
In these difficult times, as many of us adapt to the disruptive new-normal of distance working, a robust information security program becomes ...
Pentesting the People; social engineering is an easy vulnerability When it comes to penetration testing of an enterprise, you instantly think ...
As an aspiring penetration tester, it is not always the extensive rootkits or the backdoor metasploit exploits that you need to focus on with ...
The art of penetration testing is one that takes a lot of fore-learned knowledge about a specific technology and system in order to really ...
