Penetration testing November 20, 2019 Susan Morrow Rules of Engagement in Pentesting When you create a software product or build a service or create a platform, it’s a good idea to make sure it is secure. The data we generate is feeding the...
Penetration testing November 4, 2019 Greg Belding MITRE ATT&CK: Screen capture There is an old saying that goes “a picture is worth a thousand words.” In many ways, this saying is true: you can learn a great deal about a person or...
Penetration testing October 31, 2019 Howard Poston The future of Red Team operations The Red Team assessment is an increasingly popular method for an organization to get a realistic feel for their overall security. Organizations’ attack surfaces...
Penetration testing October 30, 2019 Howard Poston Red Team Operations: Providing recommendations The Red Team’s final report is the most valuable part of the entire exercise for the client. In many cases, a Red Team is secretly hired by an organization’s...
Penetration testing October 29, 2019 Howard Poston Red Team Operations: Reporting for compliance In recent years, the number of standards and regulations that organizations have to demonstrate compliance with has exploded. Previously, organizations have...
Penetration testing October 28, 2019 Howard Poston Red Team Operations: Report structure and content The first stage in building a Red Team report is knowing what to put in the report. Three of the most important things to discuss in the report are identified...
Penetration testing October 22, 2019 Howard Poston Red Team Operations: Presenting your findings At the end of the Red Team assessment, there are usually two main deliverables. The Red Team report provides a report providing a comprehensive description...
Penetration testing October 21, 2019 Howard Poston Best commercial tools for Red Teaming A variety of different free tools exist for Red Team operations, and, in many cases, a Red Team can get by just fine taking advantage of these free or open-source...
Penetration testing October 17, 2019 Howard Poston Best open-source tools for Red Teaming One of the best features of the cybersecurity community is the vast number of free and open-source tools that are available. Many very smart and skilled hackers...
Penetration testing October 16, 2019 Howard Poston Red Team operations: Best practices The goal of a Red Team assessment is for the Red Team to find as many vulnerabilities as possible within the customer’s current security setup. In general,...