Featured Posts

20 Statistics That Today’s DevSecOps Teams Should Know

20 Statistics That Today’s DevSecOps Teams Should Know

In a recent report, leading analyst firm Gartner predicted that the Public Cloud Services Market will continue to gain steam, reaching $397.4B by 2022. This is surely due, in part, to the fact that an overwhelming number of enterprise CEOs are making digital business...

Security Confessions of a Venture Capitalist

Security Confessions of a Venture Capitalist

In this must-listen episode of the Security on Cloud Podcast, we sat down with veteran cybersecurity venture capitalist, Sean Cunningham, Managing Director at ForgePoint Capital. With over 25+ years of cybersecurity venture capital (VC) investment experience — as well...

“Trust” — the Biggest Security Vulnerability in the Cloud

“Trust” — the Biggest Security Vulnerability in the Cloud

In this episode of the Security on Cloud Podcast, we're joined by the well-known white-hat hacker, Robert Hansen, of Bit Discovery. As a 26-year veteran in the computer security industry and known by insiders as “RSnake”, Robert shares how he became a security...

Anitian Announces Collaboration with Microsoft Azure

Anitian Announces Collaboration with Microsoft Azure

Anitian Compliance Automation Platform will be available on Azure, helping customers certify and protect their cloud workloads. Link to release via PR Newswire PORTLAND, Oregon – March 4, 2021 – Anitian, a leading provider of cloud security and compliance automation...

All Posts

More Hacking SQL Servers Without a Password - Anitian

More Hacking SQL Servers Without a Password

We return to hacking SQL servers, with a whole new script that automates the attack ...
Read More
CD114-LL-Cybersecurity

Future SOC

People passively monitoring alerts is not an effective SOC strategy. We need a Future SOC ...
Read More
The Technology You Own, Ends Up Owning You - Anitian

The Technology You Own, Ends Up Owning You

Has information security become a sham? Maybe it is not another security technology we need. Maybe the technology we own, now ...
Read More
nuke

Nuke the Checkbox Audit from Orbit, or Alienate the Millennials

Millennials have a high affinity for authentic leadership. That means your information security program must also be authentic. Purging the practice ...
Read More
Hacking Nagios: The Importance of System Hardening - Anitian

Hacking Nagios: The Importance of System Hardening

A recent penetration test uncovered some serious vulnerabilities in a Nagios deployment and served as a reminder that system hardening is ...
Read More
Preview of the PCI DSS v3.2

Preview of the PCI DSS v3.2

Anitian has a preview of the upcoming changes to the PCI DSS 3.2 ...
Read More
Hacking Microsoft SQL Server Without a Password

Hacking Microsoft SQL Server Without a Password

Using a Man in the Middle (MITM) style attack and some packet manipulation, you can hack any Microsoft SQL Server and ...
Read More
Digging Deeper - Striking Gold in Penetration Testing - Anitian

Digging Deeper – Striking Gold in Penetration Testing

Sometimes automated scanners cannot detect subtle vulnerabilities embedded deep inside scripts. It pays to dig a little deeper to strike vulnerability ...
Read More
techniques-feb-20151

Illusions of Information Security – The Struggle for Truth

In October 1995, I finally found my calling. What I found was SQL Injection, perhaps the most prevalent web site hack ...
Read More
Anatomy of a Hack: Cross-Site Request Forgery (CSRF) - Anitian

Anatomy of a Hack: Cross-Site Request Forgery (CSRF)

Cross-Site Request Forgery is a common vulnerability that many web application scanners can miss. In this real-world example, Anitian demonstrates how ...
Read More
allaboutme

Enough with the Stunt Hacking

The time has come for the information security profession to reject stunt hacking such as the sensational car hacks that Charlie ...
Read More
AWS_LOGO_RGB_300px

PCI Compliance for the AWS Cloud

Anitian’s Workbook for PCI Compliance in the AWS Cloud takes the guesswork out of making your AWS infrastructure PCI DSS compliant ...
Read More
thinker

The Ethical Conundrums of Vulnerability Research

The boundary between right and wrong resists permanence in cybersecurity. The case of Chris Roberts and his alleged flight systems hacking ...
Read More
The Battle for Endpoint Security Begins (Again)

The Battle for Endpoint Security Begins (Again)

Anti-virus may be dead, but endpoint security analytics is young, healthy, and about to pop up on your task bar in ...
Read More
weak-link

PCI Set to Ban SSL Protocol

The PCI DSS is ready to ban SSL and TLS 1.0 and 1.1 in response to vulnerability disclosures ...
Read More
robot-infosec

Can Security Analytics Replace Humans?

The dream of a “self-defending” network has been alive for a decade. However, recent advances in Security Analytics technologies portend the ...
Read More

Slash your costs with Anitian

Gartner Hype Cycle - Anitian

FedRAMP guide