Tag: Penetration Testing

Search
man holding a lock

From Reactive to Proactive: The Value of Offensive Security 

Threat actors constantly evolve and innovate, leaving organizations vulnerable to attacks from an ever-growing list of tactics and techniques.  While reactive measures like incident response teams and forensic analysis can help mitigate damage after a breach, they leave organizations scrambling to catch up. Alternatively, a proactive approach emphasizes prevention by

Read More

Leveraging ‘Rubeus’ for Active Directory Penetration Testing (Part One) 

The rapidly evolving, complex cybersecurity landscape places Active Directory (AD) at the forefront of many cyber threats. As a crucial component of network infrastructures, AD is targeted by attackers looking to exploit its vulnerabilities. “Rubeus” emerges as a pivotal tool for security professionals, offering advanced capabilities that thoroughly assess and strengthen

Read More
senior leaders managing red team exercise

How Senior Leaders Navigate the World of Red Team Exercises

Cybersecurity threats have become increasingly sophisticated and pervasive. As a senior leader, it is crucial to ensure that your organization has robust defenses in place to protect its sensitive data and systems from potential breaches. One powerful way to assess the effectiveness of these security measures is by regularly conducting

Read More

Sudo: Its History and How to Abuse It

A quick explanation of one of the most influential and misconfigured computing utilities. You’re a hacker.   Okay, maybe you aren’t, but let’s say you are. You finally got into a server you’ve been attacking for weeks, but you’re stuck. The credentials you logged in with are only for a

Read More

So, you got a pentest. Now what?

How to progress toward a truly secure organization and infrastructure after penetration testing. You did it – you paid for penetration testing services. Whether it was to fulfill a potential client’s request, satisfy your interest or to be compliant with some framework, you tested the mettle of your environment against

Read More

An Introduction to Active Defense

Global research and advisory firm, Gartner, forecasts that information security spending will exceed $124 billion in 2019, yet cyber defenses continue to fail. Organizations large and small continue to experience breaches of all varieties resulting from zero-day exploits, failures in vulnerability patching, and phishing. The market has responded with a

Read More

If It Can Talk to Networks, It Can Walk Across Them

As technology moves at a seemingly exponential rate of growth and changes every day, more and more devices are being developed to contain additional “customer-savvy” features. Collectively termed the Internet of Things (IoT), this new wave of technology is vast. Where historically a system in question would be a server

Read More
security Image

Takeaways from SANS SEC560- Ethical Hacking and Pen Testing

This past week I completed the SANS SEC560 – Network Penetration Testing and Ethical Hacking course at the SANS Cyber Defense Initiative in Washington DC. With the experience fresh on my mind, I wanted to share my impressions with others considering SANS training. A Quick Overview of the SANS 560

Read More