Regular penetration tests, unfortunately, do not guarantee you won’t be hacked. In fact, if a firm offers you any sort of guarantee with regards to the results and your susceptibility to a breach following an assessment, this should be a red flag. While we can’t give you a penetration test guarantee that you won’t be […]
As we’ve discussed previously, a host compliance audit is an assessment of the configuration of a particular system (workstation, server, or network device) or set of systems. The configuration settings are compared to published security standards, industry best practice, and the security engineer’s experiences to highlight potential vulnerabilities and misconfigurations that result in risks to […]
A host compliance audit is a type of security assessment that involves the manual inspection of a workstation, server, or network device by a trained security engineer in order to evaluate the configuration, hardening, and security controls applied to the target. Using a published best practice standard, like the Center for Internet Security (CIS) benchmarks, […]
A password spray or password spraying attack is one of the most useful items in a penetration testers toolbox. This style of attack is used on almost every single external and internal penetration test. And if penetration testers are using it, you know that means hackers and malicious actors out there are using it as […]
Before you hire someone to physically break into your organization, it is probably a good idea to understand what steps they are going to take. In this blog, we will review our physical penetration testing methodology, which is the basic outline for any physical penetration test we perform. If you haven’t already, it might be […]
Recently, we were asked by a client “what MFA is the best for an SMB?” We liked that question and thought others would benefit, so we decided to add it to our list of blog topics. Before writing that blog however, we decided we first needed a quick review of what multi-factor authentication (MFA) is […]
