Infosec

Web Application Penetration Testing: Why It Matters and What You Need to Know

As more and more businesses move their operations online, the need for secure web applications becomes increasingly important. A web application penetration test, or pen test for short, is a valuable tool for identifying vulnerabilities in web applications and ensuring that they are secure against potential threats. In this blog, we’ll explore the importance of web application pen tests and what you need to know to conduct one effectively.

2023 Cyber Security Trends

In 2023, the world is becoming more digital, and as a result, the importance of cyber security continues to grow. Here are some key trends and developments in the field of cyber security that are expected to shape the year:

Get FedRAMP Ready

FedRAMP, or the Federal Risk and Authorization Management Program, is a government-wide program that provides a standardized approach to the assessment, authorization, and continuous monitoring of cloud products and services used by federal agencies. The program is designed to ensure that cloud services used by federal agencies meet certain security and risk management standards, and to reduce the time and cost of evaluating and approving cloud services for use by the government.

Reshaping Design Paradigms for Security

A problem that has plagued security architects has always been human error. Whether through social engineering, such as phishing, or poor password hygiene, human error is traditionally something that has been thought of as orthogonal to computer security.

Leveraging a Virtual CISO

The increasing risk of cyber-attacks, coupled with compliance obligations, has meant that even small and medium-sized organizations are scouting for executive leadership to support them in the critical field of cybersecurity.

The Value of Recon

Reconnaissance is the first action in which a threat actor engages with a target and for our purposes can be defined as the use of openly available Internet sources of information to gain insight into an organization’s applications, services, technologies, people, and webpage relationships. In a nutshell, reconnaissance is nothing more than locating and analyzing publicly available sources of information about an individual or organization.

The Future is Now, PCI DSS 4.0

When customers provide a company with their credit card information, they trust that their data will be processed, stored, and transmitted securely. To ensure that businesses meet that expectation, major credit card companies, alongside the PCI Security Standards Council, created the Payment Card Industry Data Security Standard, or PCI DSS for short. PCI DSS is a set of technical and operational requirements intended to protect account data, combat fraud, and reduce the chances of data being breached.

Enforcing a Cybersecurity Strategy

The changed world we have found ourselves living in since the global pandemic struck in 2020 has been particularly helpful to cybercriminals. Working from home, the ongoing digitization of our lives, and the increasing online nature of business mean opportunities for phishers, hackers, and scammers have increased. As we head into 2022, there is, unfortunately, no sign of this letting up. Therefore, it is essential for individuals and businesses to be aware of the ever-growing avenues of attack and to implement practices to mitigate the risks.

Conduct Your OSINT Using Mitaka

Open-Source Intelligence, or OSINT, is the collection and analysis of information gathered from publicly available sources. This extends to much more than a Google search. There is much more information on the internet than can be found using search engines. It is estimated that only 4% of the internet is searchable using search engines. That leaves 96% of information on the internet that cannot be accessed using Google, Bing, and other search engines. OSINT tools are effective at finding information which cannot be found by search engines.

Importance of Audit Log Management

Audit Log Management

Audit logs play a critical role in security management. They can provide us with insight into what has happened on our systems and on our networks at any given time. More specifically, if implemented correctly, logs can tell us what happened across multiple systems, and when a system is compromised, the logs will record all activity of the attacker. These logs can help us prevent or detect violations of confidentiality, integrity, and availability.
