We’ve talked in a previous post about how host compliance audits are a great way to get a low-level, detailed understanding of your hardening practices and security on a system-by-system basis. But it may not be clear exactly how this type of analysis is done and what your testing team would need to perform a […]
Over the past few months, we have had several customers ask us about when is the right time to penetration test a new application in their environment. Right off the bat, we like this question, because it recognizes the fact that a new application needs a penetration test. You never want to roll a new […]
We’ve talked previously about why an incident response tabletop exercise can be a useful tool for your security program. But taking a step back, let’s take a closer look at what makes an incident response tabletop exercise successful. While a tabletop exercise can be a great way to step through your incident response process on […]
In this blog, we are going to talk about some of the disadvantages of a bug bounty program compared to a penetration test. Don’t get us wrong, there are many advantages of a bug bounty program, in fact, we just did an entire blog dedicated to the subject. While Triaxiom Security is a company founded […]
On the journey to building a security program, or evolving the one you’ve currently got in place for your organization, there are a number of controls you’ve got to consider. Some of those controls, like the ones we talk about here, are either contingent upon other controls already being in place or require a significant […]
In our article last week on how to get started when building a security program, we covered a lot of the foundational aspects you should be considering when trying to start an information security program for the first time or build a more organized roadmap to mature your current security program. You may be doing […]
