Social engineering attacks hit organizations constantly. In 2018, not only did an average of 83% of organizations see a phishing attempt, there was an increase in credential theft related to phishing attacks of more than 70%. So it’s no surprise that many organizations are trying to figure out how susceptible they are to this kind […]
Have questions about a web application penetration test? We have you covered in this blog. This is our complete web application penetration test guide which will briefly introduce all of the other blogs we’ve written on the topic and provide a link to more detailed information, should you need it. What is a Web Application […]
This blog outlines Triaxiom Security’s methodology for conducting mobile application penetration tests. A mobile application penetration test emulates an attack specifically targeting a custom mobile application (iOS and/or Android) and aims to enumerate all vulnerabilities within an app, ranging from binary compile issues and improper sensitive data storage to more traditional application-based issues such as […]
This blog outlines Triaxiom Security’s methodology for conducting Application Programming Interface (API) penetration tests. An API penetration test emulates an external attacker or malicious insider specifically targeting a custom set of API endpoints and attempting to undermine the security in order to impact the confidentiality, integrity, or availability of an organization’s resources. This document outlines […]
When we are talking through social engineering with a potential or current client, we notice that many times, the client will respond with some variation of “I already know my users are going to fall for it.” If you already know your users are going to fall for it, what’s the point of a social […]
This blog outlines Triaxiom Security’s social engineering methodology, which is used to guide our engineers during these types of engagements. Social engineering engagements are designed to target and take advantage of the human-element to gain access to your network. During the engagement, a variety of methods are used to get an employee to click on […]
