Featured Posts

The Post-COVID Cloud Boom Report: A Deep Dive

In this episode of the Security on Cloud Podcast, we’re joined by Dr. Larry Ponemon, the Chairman and Founder of the Ponemon Institute who is also considered by many to be a pioneer in privacy auditing, to talk more in-depth about the findings of our latest report,...

Anitian Wins Nine Global InfoSec Awards at RSA Conference 2022

Anitian named top cybersecurity company in an astounding nine categories, including Hot Company Security Company of the Year, Most Comprehensive Compliance, and Hot Company Enterprise Security. Link to release via GlobeNewswire.com RSA CONFERENCE, SAN FRANCISCO — June...

Security Advocacy in the Cloud with Jacob Ansari from Schellman

In this episode, we talk with Jacob Ansari, a Security Advocate at Schellman, who leads the firm's security best practices advocacy. With experience as a CISO and assessor, Jacob develops and leads educational efforts on security practices, emerging threats, and...

All Posts

Preview of the PCI DSS v3.2

Anitian has a preview of the upcoming changes to the PCI DSS 3.2 ...

Hacking Microsoft SQL Server Without a Password

Using a Man in the Middle (MITM) style attack and some packet manipulation, you can hack any Microsoft SQL Server and ...

Digging Deeper – Striking Gold in Penetration Testing

Sometimes automated scanners cannot detect subtle vulnerabilities embedded deep inside scripts. It pays to dig a little deeper to strike vulnerability ...

Illusions of Information Security – The Struggle for Truth

In October 1995, I finally found my calling. What I found was SQL Injection, perhaps the most prevalent web site hack ...

Anatomy of a Hack: Cross-Site Request Forgery (CSRF)

Cross-Site Request Forgery is a common vulnerability that many web application scanners can miss. In this real-world example, Anitian demonstrates how ...

Enough with the Stunt Hacking

The time has come for the information security profession to reject stunt hacking such as the sensational car hacks that Charlie ...

PCI Compliance for the AWS Cloud

Anitian’s Workbook for PCI Compliance in the AWS Cloud takes the guesswork out of making your AWS infrastructure PCI DSS compliant ...

The Ethical Conundrums of Vulnerability Research

The boundary between right and wrong resists permanence in cybersecurity. The case of Chris Roberts and his alleged flight systems hacking ...

The Battle for Endpoint Security Begins (Again)

Anti-virus may be dead, but endpoint security analytics is young, healthy, and about to pop up on your task bar in ...

PCI Set to Ban SSL Protocol

The PCI DSS is ready to ban SSL and TLS 1.0 and 1.1 in response to vulnerability disclosures ...

Can Security Analytics Replace Humans?

The dream of a “self-defending” network has been alive for a decade. However, recent advances in Security Analytics technologies portend the ...

IT Security Year in Review: Start-Stop-Stay 2015

2014 was a busy year for IT security. From Shellshock to Sony, the hacks were fast and furious. As such, this ...

PCI 3.0 Secure Authentication Requirement

The new PCI 3.0 introduces a subtle, but important new requirement for addressing security authentication and session management for web applications ...

Vulnerability Management for the Win

How do you build a successful vulnerability management program? It involves a lot more than just scanning devices. Effective vulnerability management ...

Shellshock: What You Need to Know

The Shellshock bug is a serious flaw affecting Unix, Linux and Macs. Anitian has a quick summary of the issue and ...

Why Do Retailers Keep Getting Breached?

Every week it seems there is a new breach. Why do retailers keep getting breached? Anitian has identified five primary reasons ...