What can we learn from our recent red team penetration testing results about the state of information security in 2017.
Red Team Penetration Testing – Going All the Way (Part 2 of 3)
The further chronicles of Anitian’s red team testing. Armed with a single stolen user account, we completely compromise a corporate network.
Red Team Penetration Testing – Anything Goes (Part 1 of 3)
Chronicle of a recent red team penetration test from Anitian’s Ring.Zer0 team that shows how a dedicated attacker can bypass even the best defenses.
Goodbye Yellow Brick VAR
Oh we’ve finally found where our future lies, beyond the yellow brick VAR.
The Gilfoyle Problem
We are going on a Vision Quest to explore our Gilfoyle Problem in IT and cybersecurity.
PCI DSS 3.2 Multi-Factor Authentication Clash
Multi-factor authentication (MFA) is a tried and true technology that rarely incites debate. How then did MFA became a hotly debated topic at the PCI Standards Council North American Community Meeting? The answer is a classic clash of theory and reality.
More Hacking SQL Servers Without a Password
We return to hacking SQL servers, with a whole new script that automates the attack.
Future SOC
People passively monitoring alerts is not an effective SOC strategy. We need a Future SOC.
Nuke the Checkbox Audit from Orbit, or Alienate the Millennials
Millennials have a high affinity for authentic leadership. That means your information security program must also be authentic. Purging the practice of checkbox audits is one change that will keep your Millennial workforce engaged.
Hacking Nagios: The Importance of System Hardening
A recent penetration test uncovered some serious vulnerabilities in a Nagios deployment and served as a reminder that system hardening is vital to good security.
