A wireless penetration test is a little different than most penetration tests, as it includes some elements of auditing and some elements of tactical testing. Because of that, it can be hard to discern what is included in a wireless penetration test. In this blog, we will break down a wireless penetration test into its […]
Tactical security assessments are great, with a focused scope that produces specific output aimed at improving the security of one particular aspect of your organization, whether it be your e-commerce website, your network perimeter, or your employee’s security awareness. But sometimes, it’s helpful to figure out what your organization’s strategic security posture looks like, and […]
In this blog we will cover the top three ways that we break into a building when performing a physical penetration test. For more information on physical penetration tests, and the questions they answer, start here. This will include some realistic physical penetration test examples you can expect if you were to be tested, such […]
Information security and corporate network defense is tough. In a constantly changing and advancing industry, it can be hard to figure out where to start when you’re trying to build or improve a corporate security program. Standards and benchmarks are not a sexy or exciting topic, but when you need a starting place to figure […]
One of the common questions we get asked is how to effectively communicate penetration testing results to senior leaders, including C-suite executives and the board of directors. Below are some pointers on how to best navigate these often slippery slopes. Communicating Good Results Your penetration test came back and your firm performed exceptionally well, with […]
We often get asked, “Why should we go with your firm, you seem smaller than your competitors?” We take pride in being a small penetration testing firm, and it comes with many advantages that can ultimately help our clients. Advantages Cost savings – As a small business, we’re able to keep overhead expenses down and ultimately […]
Organizations often spend the vast majority of their resources on securing their systems from external threat actors, while spending far less time protecting the “gooey” center of their networks. The same seems to hold true for cloud environments. While companies continue to flock to the cloud faster than ever before (more than 93% of companies […]
By now, I think everyone has heard the phrase “moving to the cloud” enough to make their head spin. And it’s true, organizations are steadily moving to the cloud because of the many benefits this model of operation offers. According to Forbes in 2017, “hybrid cloud adoption grew 3x in the last year, increasing from […]
The PCI Council released a minor update to the Payment Card Industry Data Security Standard (PCI DSS) in May of this year. Their isn’t really anything earth shattering included in these PCI DSS changes, but it’s always worth knowing exactly what changes are made, especially if being PCI compliant affects your business. The changes from […]
One of the things we often see during an external penetration test is unnecessary services exposed to the Internet. This will increase the attack surface of your organization, ultimately giving hackers more ways to try to break into your organization. One of the main principles to follow when setting up your perimeter firewall is to […]
