Featured Posts

Tips & Best Practices for Configuring Squid with NTLM Authentication

If you’ve ever worked in environments requiring a proxy, reverse proxy, or caching system, you’ve likely heard of Squid proxy. Squid is one of the leading open-source proxy tools with an extensive community and available plugin library. As is the case with many large,...

Anitian Named Finalist in Black Unicorn Awards for 2022

Company recognized as a finalist in the Baby Black Unicorn category, having the potential of being valued at $1B in the near future. PORTLAND, OREGON — October 27, 2022 — We are thrilled to announce that Anitian, the leading provider of cloud security and compliance...

Anitian Named a Sample Vendor in Three Gartner Hype Cycle Reports

Company included in Hype Cycle for Agile and DevOps, Hype Cycle for I&O Automation, and Hype Cycle for Cyber Risk Management. Link to release via GlobeNewswire.com PORTLAND, Oregon — August 24, 2022 — Anitian, the leading cloud application security and compliance...

Debunking Quantum Cloud Myths

In many ways, the human appetite for computing power is ever-growing. More computing power can be found in the cloud for our ever-growing thirst for power. But that’s still not enough. Enter the next generation of computing power — quantum computing. In this episode...

All Posts

PCI DSS 3.2 Multi-Factor Authentication Clash

Multi-factor authentication (MFA) is a tried and true technology that rarely incites debate. How then did MFA become a hotly debated ...

More Hacking SQL Servers Without a Password

We return to hacking SQL servers, with a whole new script that automates the attack ...

Future SOC

People passively monitoring alerts is not an effective SOC strategy. We need a Future SOC ...

The Technology You Own, Ends Up Owning You

Has information security become a sham? Maybe it is not another security technology we need. Maybe the technology we own, now ...

Nuke the Checkbox Audit from Orbit, or Alienate the Millennials

Millennials have a high affinity for authentic leadership. That means your information security program must also be authentic. Purging the practice ...

Hacking Nagios: The Importance of System Hardening

A recent penetration test uncovered some serious vulnerabilities in a Nagios deployment and served as a reminder that system hardening is ...

Preview of the PCI DSS v3.2

Anitian has a preview of the upcoming changes to the PCI DSS 3.2 ...

Hacking Microsoft SQL Server Without a Password

Using a Man in the Middle (MITM) style attack and some packet manipulation, you can hack any Microsoft SQL Server and ...

Digging Deeper – Striking Gold in Penetration Testing

Sometimes automated scanners cannot detect subtle vulnerabilities embedded deep inside scripts. It pays to dig a little deeper to strike vulnerability ...

Illusions of Information Security – The Struggle for Truth

In October 1995, I finally found my calling. What I found was SQL Injection, perhaps the most prevalent web site hack ...

Anatomy of a Hack: Cross-Site Request Forgery (CSRF)

Cross-Site Request Forgery is a common vulnerability that many web application scanners can miss. In this real-world example, Anitian demonstrates how ...

Enough with the Stunt Hacking

The time has come for the information security profession to reject stunt hacking such as the sensational car hacks that Charlie ...

PCI Compliance for the AWS Cloud

Anitian’s Workbook for PCI Compliance in the AWS Cloud takes the guesswork out of making your AWS infrastructure PCI DSS compliant ...

The Ethical Conundrums of Vulnerability Research

The boundary between right and wrong resists permanence in cybersecurity. The case of Chris Roberts and his alleged flight systems hacking ...

The Battle for Endpoint Security Begins (Again)

Anti-virus may be dead, but endpoint security analytics is young, healthy, and about to pop up on your task bar in ...

PCI Set to Ban SSL Protocol

The PCI DSS is ready to ban SSL and TLS 1.0 and 1.1 in response to vulnerability disclosures ...