A firewall configuration review is one of the safest activities we do as penetration testers. There’s no automated scanning, no active exploitation, and poking/prodding exposed ports and services. Even though it is a very low risk activity, there are a couple things we’ve identified over the years as ways to streamline the process of having […]
If you are reading this, I am sure that at some point you have had to suffer through some form of security awareness training. While we commend companies for trying, let’s face it, the majority of participants are just clicking through some computer-based training as fast as they can so they can get their certificate […]
We often get asked for references for our work. As you would expect, if you are hiring someone to hack your company or determine where your security vulnerabilities lie, you want to make sure they can be trusted. As part of the screening process, we highly recommend that you vet penetration testing partners via professional […]
In this blog, we will explore three steps you can take to make your firewall more secure. Your perimeter firewall is your first line of defense against attacks. And while it is not a silver bullet, making sure it is as secure as possible should be a top priority for your security team. Having performed […]
A firewall configuration review might seem like a pretty straightforward process. And truth be told, it is as far as security assessments go. But that being said, it can help to understand exactly what’s going on during this type of assessment, what the process includes, and what type of results you can expect. We’ve covered […]
One of the key outcomes of a penetration test (or any type of security assessment) is the deliverables or reports. This is really what you’re paying for when you commission a third-party to perform an assessment, as this provides your view of what happened during a penetration test. From making sure that every finding in […]
Let’s say that your organization has had a potential security incident and needs help. Triaxiom offers incident response services centered around investigating how it happened (so you can prevent it from happening again), what the attacker had access to, and whether the attacker is still present on the network. For more information on what our […]
We have had quite a few requests lately for incident response services. One of our core tenets is partnering with our customers and being there to help them, especially in times of need when they may have just experienced a data breach. With that being said, there is a difference between incident response and digital […]
A firewall configuration review is a great way for your organization to assess the security of one of the most pivotal pieces of technology in your organization. While any security professional will tell you just having a firewall doesn’t make you more secure and that it doesn’t perform any type of “silver bullet” functionality to […]
The majority of the time, an internal penetration test is conducted without any issues arising. However, there are a few things that can go wrong on an internal penetration test that deserve some consideration. In this blog, we will explore what can go wrong on an internal penetration test and what steps you can take to […]
