How to progress toward a truly secure organization and infrastructure after penetration testing. You did it – you paid for penetration testing services. Whether it was to fulfill a potential client’s request, satisfy your interest or to be compliant with some framework, you tested the mettle of your environment against white-hat hackers and came out the other side, report in-hand and [...]
Global research and advisory firm, Gartner, forecasts that information security spending will exceed $124 billion in 2019, yet cyber defenses continue to fail. Organizations large and small continue to experience breaches of all varieties resulting from zero-day exploits, failures in vulnerability patching, and phishing. The market has responded with a variety of security governance and control frameworks including CIS 20, ISO [...]
Capital One’s recent data breach is only the latest in the perennial series of high-profile data breaches that have occurred in the last few years. What do Equifax, Home Depot, Target, and others have in common? Great security programs with high-quality and competent people running them. These companies experienced data breaches despite putting forth their best efforts and spending millions of [...]
Windows Servers are practically irresistible to hackers everywhere. This makes the lone Windows Server a perfect candidate for a honeypot. In this post we explore how to use a Windows Server to divert a hacker’s attention from what matters than by giving them what they think is an easy win!