A physical penetration test emulates an attacker trying to physically break into your organization and steal sensitive information or gain access to the internal network. If you haven’t already seen it, check out our blog on the top 3 ways we gain access to your environment during a physical penetration test. While you are at it, you […]
A wireless penetration test is a holistic review of your wireless environment and the risk it presents to your organization as a whole. This assessment includes tactical testing that determines whether an attacker in the parking lot can gain access to your corporate network through your wireless signal. However, in contrast to other penetration tests, […]
We’ve talked in a previous post about how host compliance audits are a great way to get a low-level, detailed understanding of your hardening practices and security on a system-by-system basis. But it may not be clear exactly how this type of analysis is done and what your testing team would need to perform a […]
Over the past few months, we have had several customers ask us about when is the right time to penetration test a new application in their environment. Right off the bat, we like this question, because it recognizes the fact that a new application needs a penetration test. You never want to roll a new […]
We’ve talked previously about why an incident response tabletop exercise can be a useful tool for your security program. But taking a step back, let’s take a closer look at what makes an incident response tabletop exercise successful. While a tabletop exercise can be a great way to step through your incident response process on […]
In this blog, we are going to talk about some of the disadvantages of a bug bounty program compared to a penetration test. Don’t get us wrong, there are many advantages of a bug bounty program, in fact, we just did an entire blog dedicated to the subject. While Triaxiom Security is a company founded […]
On the journey to building a security program, or evolving the one you’ve currently got in place for your organization, there are a number of controls you’ve got to consider. Some of those controls, like the ones we talk about here, are either contingent upon other controls already being in place or require a significant […]
In our article last week on how to get started when building a security program, we covered a lot of the foundational aspects you should be considering when trying to start an information security program for the first time or build a more organized roadmap to mature your current security program. You may be doing […]
Bug bounty programs are becoming an increasingly popular tool that organizations are using to help prevent a data breach. In comparing bug bounty programs to penetration testing, there are several advantages of a bug bounty program that deserve our attention. In this blog, we will explore several of the advantages of a bug bounty program […]
Building a security program for an organization can be overwhelming. If you don’t have anything in place for managing information security, you’re probably already behind the curve. Information security is quickly becoming a baseline requirement for organization’s of all sizes, from mom and pop shops to start-ups to Fortune 500s. Large organizations are being increasingly […]
