In this blog, we will discuss some ways your organization can improve its wireless security. To do this, we will take a look at our 3 of the top findings we see during wireless penetration tests and discuss how to mitigate the associated risks. We’ll look at rogue access points, the risks associated with pre-shared […]
As we have previously discussed, it is often times difficult to justify the budget and quantify the return on investment for a penetration test. While we always recommend ensuring your firm is conducting a reasonable amount of testing with a sufficient scope to maintain a stable security posture, we recognize that sometimes the budget and […]
One of the things you’ll hear us say a lot is that we try to ensure all of our tests are as holistic as possible, to help you truly understand the cyber risk to your organization. But what does that really mean? Are our penetration testers using herbs and essential oils rather than our standard […]
Today we will review the various roles and responsibilities during a penetration test, from both the client and the Triaxiom vantage points. Every project is different and has its nuances, but for the sake of this article, we will assume that the project is a small external penetration test of 5 IP addresses for ACME, […]
Unlike the financial analysis of a “normal” project or investment, it is tough to ultimately determine the return on investment of a penetration test. We like to relate a penetration test to your annual physical with your doctor. You go to your doctor to get a check-up as a preventative measure with the hope that […]
This may or may not surprise you, but a significant number of people either don’t know how to choose a strong password or decide not to because they don’t think it’s worth the hassle. It’s true! As part of an internal penetration test, after we get domain administrator permissions, we harvest all of the hashed […]
Social Engineering is one of the most important tests you can have performed because it evaluates the largest risk to your organization. In 2018, 83% of organizations faced a social engineering attack, so it is very likely that this is a threat you are going to continue to see in the new year. Because of […]
Social engineering attacks hit organizations constantly. In 2018, not only did an average of 83% of organizations see a phishing attempt, there was an increase in credential theft related to phishing attacks of more than 70%. So it’s no surprise that many organizations are trying to figure out how susceptible they are to this kind […]
Have questions about a web application penetration test? We have you covered in this blog. This is our complete web application penetration test guide which will briefly introduce all of the other blogs we’ve written on the topic and provide a link to more detailed information, should you need it. What is a Web Application […]
This blog outlines Triaxiom Security’s methodology for conducting mobile application penetration tests. A mobile application penetration test emulates an attack specifically targeting a custom mobile application (iOS and/or Android) and aims to enumerate all vulnerabilities within an app, ranging from binary compile issues and improper sensitive data storage to more traditional application-based issues such as […]
