by Joshua Jones | Oct 25, 2022 | Compliance, cybersecurity, PCI DSS 4.0
Now that you are looking at your timeline, you may be wondering how you can get from where you are now, a sage of PCI DSS 3.2.1, to where you will need to be by 2024. The PCI DSS 4.0 Summary of Changes Using the PCI DSS Summary of Changes document, you can...
by Slade Griffin | Sep 6, 2022 | cybersecurity, penetration testing, Uncategorized
We are constantly updating and evolving our deliverables in an effort to provide more context around our security services. With that in mind we have been tracking some metrics since 2020 that allow us to see why organizations remain vulnerable to compromise. One of...
by Andrew Nash | Aug 3, 2022 | cybersecurity, penetration testing, Uncategorized
“Hacking” isn’t magic, but sometimes it is presented that way. Much of penetration testing and “hacking” is learning the tools of the trade and how they work “under the hood.” In this series we hope to provide a high-level overview of common...
by Terence Martin | Jul 19, 2022 | cybersecurity, penetration testing
On a recent engagement, the client I was assessing had a relatively strong security posture. None of the old standby attacks were working. The client had disabled LLMNR and WPAD based on a previous security assessment, and all the client’s Windows machines were...
by Kevin Thomas | Jun 17, 2022 | cybersecurity, incident response
The most recent Cost of a Data Breach Report (Ponemon 2021) found that “Lost Business Cost” represented the largest percentage (38%, or $1.59M) of the $4.2M average cost of a data breach. One of the key contributors to the “Lost Business Cost”, along with the cost of...
by Slade Griffin | Oct 23, 2020 | cybersecurity, penetration testing, whitelisting
Recently I have been asked by clients why we request that our scans be whitelisted when we are performing external security assessments. Many people believe that a blocked scan is the same as blocking a vulnerability which is present on a host. This could not be...
Recent Comments