About Ryan Basden

Ryan is a Cyber Risk Sr. Analyst and offensive security specialist for risk3sixty where he helps to implement business-first offensive and defensive security strategies.

So, you got a pentest. Now what?

How to progress toward a truly secure organization and infrastructure after penetration testing.

You did it – you paid for penetration testing services.

Whether it was to fulfill a potential client’s request, satisfy your interest or to be compliant with some framework, you tested the mettle of your environment against white-hat hackers and came out the other side, report in-hand and next steps […]

Analyzing Your Attack Surface Like A Hacker

When most people think of hacking, they think of what Hollywood portrays. In a dark basement, a hooded, perhaps tattooed outcast rapidly types nonsensical keystrokes at a flashy computer monitor for several seconds before snidely muttering, “I’m in.”

By that representation, the hacking process seems pretty straightforward: find a vulnerability, exploit it and ride off into the sunset with a bunch of […]

Understanding Different Types of Penetration Testing Engagements

There is understandably quite a bit of confusion in the market place when it comes to offensive security engagements. Consultants use a number of terms and phrases that often times overlap with one another quite a bit, but often times fail to differentiate effectively. For example:

  1. Vulnerability assessment
  2. Vulnerability research
  3. Penetration test
  4. Security Audit
  5. Red teaming
  6. Social engineering
  7. Phishing Campaigns

With so […]

Security Researchers Identify Critical Vulnerabilities in AMD Chips: Chimera, Ryzenfall, Masterkey and Fallout

Critical Vulnerabilities in AMD Chips

Security researchers at CTS-Labs, based out of Israel, disclosed 13 critical vulnerabilities and backdoors in certain AMD chips used in workstations, laptops and servers. Successful exploitation of these vulnerabilities could grant deep system access to attackers from which they could launch malware attacks undetected.

The vulnerabilities are four in name:

1 | Chimera – Two sets of backdoors in […]