Top Mistakes CISOs Make When it Comes to Penetration Testing
In this blog, we are going to look into a few of the top mistakes CISOs make when it comes to penetration testing and how your organization can avoid them.
At Triaxiom Security, we have the distinct advantage of working with hundreds of clients across a variety of different verticals. One week, I may be conducting a penetration test for a Fortune 300 retail organization, and the next week I may be doing an audit for a hospital. This wealth of experience gives us the […]
In today’s blog, we are going to consider non-domain-joined system security. For most organizations we test, this can include things like medical devices, systems in kiosk mode in public spaces, IoT devices, or other systems that were forgotten. If these systems are not on the domain, do we care? If so, why? How can an […]
On May 7th, Colonial Pipeline experienced a ransomware attack that shut down the largest supplier of gasoline to the South. This led to widespread panic-buying of gasoline across the southern United States. In Triaxiom’s home state of North Carolina, 71% of gas stations were without gasoline according to GasBuddy. In this blog, we will explore […]
2021 is finally here! While that is a relief for all of us, there are some cyber security trends from 2020 that will likely carry over into 2021. In this blog, we will look at three key cyber security trends we expect in 2021, and how we recommend you respond in anticipation of them. We […]
The Payment Card Industry (PCI) Security Standards Council (SSC) is an independent body formed in 2006 by Visa, MasterCard, Discover, American Express, and JCB to develop and enforce standards to protect credit card information. Together, they created the PCI Data Security Standard (DSS), a baseline set of technical and operational requirements which applies to […]
Zoom has seen an incredible uptick in their user base during the COVID-19 pandemic. Between schools, businesses, and individuals just trying to stay connected with family, Zoom has been one of the most popular video conferencing solutions to meet everyone’s newfound needs in this new remote and socially-distanced environment. With all of this increased attention […]
So you just had a client tell you that you need to be PCI certified. What comes next? First, every situation is slightly different, so it’s always a good idea to jump on a quick call with someone who is familiar with PCI to discuss your options, what’s being required of you, and what the […]
Penetration testing, or pen testing, is essentially hiring a security expert to ethically hack into your organization’s network and tell you what vulnerabilities exist, how an attacker may use them against you, and what the level of risk associated with those vulnerabilities is. Penetration test is commonly shortened to pen test, and the two can […]
In this blog, we are going to take a look at the Haddon Matrix to see how it can be used to help us in information security. The Haddon Matrix does not come from the security space, or really IT at all, but rather it is a term used in Injury Prevention. It has since […]