After a brief hiatus last year due to the COVID-19 pandemic, CarolinaCon is back April 23 – 25, 2021. This hacker con for the Carolinas has been around since 2005 and taking place in Charlotte, NC since a couple years ago, moving from Raleigh, NC when UNCC’s 49th Security Division took over organizing responsibilities. Even […]
When it comes to selecting a penetration testing provider, there are a lot of different points that need to be taken into account. What type of penetration test are you looking for? What is driving the need for a penetration test? Today we will explore some tips to help you in your penetration testing provider […]
One of the cyber security related activities that most, if not all, organizations should be doing on a regular basis is Security Awareness Training. At a high level, this training is provided to your employees to inform them about information security as it relates to their day-to-day business operations. In this article, we’ll review what […]
The Penetration Testing Execution Standard or “PTES” is a standard consisting of 7 stages covering every key part of a penetration test. The standard was originally invented by information security experts in order to form a baseline as to what is required for an effective penetration test. While this methodology is fairly dated and has […]
Having recently passed the OSCP, I was looking for my next certification. I spent several weeks weighing the different options. Should I look to take my overall penetration testing skills to the next level and pursue Offensive Security’s new OSEP (Offensive Security Experienced Penetration Tester) course or pursue a more specialized path i.e. one dedicated […]
Since the introduction of Android Nougat, users no longer have the ability to add user or admin supplied CA certs without using a rooted device. Because of this, android penetration testing is effectively impossible without taking some necessary steps to proxy traffic to Burpsuite. This tutorial will provide instruction on how to bypass this restriction […]
2021 is finally here! While that is a relief for all of us, there are some cyber security trends from 2020 that will likely carry over into 2021. In this blog, we will look at three key cyber security trends we expect in 2021, and how we recommend you respond in anticipation of them. We […]
Many organizations, especially small-to-medium sized businesses, may feel overwhelmed when it comes to information security. With all of the news articles and blog posts warning about security-related threats and attacks, a ton of people feel like they need to do something to protect their business but have no idea where to start. This can be […]
There are a variety of ways to test the maturity of your security program, including a gap analysis and a penetration test. However, it can be overwhelming to hear about these different types of security assessments and try to make an informed decision about what is right for your organization and your budget. The different […]
We get a decent amount of questions regarding the right approach to both penetration testing in the cloud and vulnerability scanning cloud-hosted assets. While we’ve already written several posts on how to approach penetration testing for AWS, Azure, and other cloud providers, today we’ll take a step back and focus on AWS vulnerability scanning best […]
