As with salaries in most fields, the answer here is it depends. In any field or industry there is a certain level of supply and demand that helps dictate salaries. Luckily in the field we’re discussing today, there is a pretty short supply of penetration testers out there and, therefore, the salaries we’re seeing tend […]
With the rise of working on the go and the age of constant connectivity, application developers and companies focused on software are spreading their products and supporting just about any device that has Internet connectivity. While the applications being created may look and feel the same on different devices, the underlying architecture and attack surface […]
In a lot of organizations we work with, something as simple as changing the password policy from a minimum length requirement of 8 to 14 is anything but simple. They have to get approval, organizational buy-in from top management, and then deal with hundreds of help desk tickets and frustrated employees once the change is […]
In today’s blog, we are going to take a look at how to make a better wordlist. When performing password attacks, whether online or offline, wordlists are a much better approach than a traditional brute force. Even with an offline password attack using a machine designed to crack passwords efficiently, a brute force of just […]
To cut to the chase, the answer is Yes. Triaxiom Security is a QSA company and has multiple QSA employees on staff. According to the PCI Security Standards Council, “Qualified Security Assessor (QSA) companies are independent security organizations that have been qualified by the PCI Security Standards Council to validate an entity’s adherence to PCI […]
In September of 2018, California became the first state to pass a law requiring manufacturers to secure connected devices. The bill, TITLE 1.81.26. Security of Connected Devices, is the first of its kind for Internet of Things (IoT) devices and today we will explore some of the finer details of the law which comes into effect January […]
