The year 2022 has wrapped up and I find it helpful to share some of the most common findings I have encountered throughout the year. Some of these may not be surprising as they are covered in almost every cybersecurity awareness training course there is. However, it...
When on the cusp of receiving an external penetration test, clients want to prepare themselves for it. We often get asked what’s the easiest way to improve their score before the engagement has begun. Below are the top 3 ways to improve your external penetration...
OSINT OSINT stands for Open-Source Intelligence. It is the action of gathering information that is publicly available and analyzing it for intelligence purposes. First, let’s look at what type of data can be considered Open-Source. Data or information...
When creating a defensive plan against cyber-attacks, knowing your adversary is paramount. Often after the shock has worn off from a breach, the affected company will ask themselves, “Why us?”. It’s a valid question that organizations should ask...
Physical penetration testing is an assessment of the physical security controls of an organization. Much like traditional network penetration testing, you are measuring the security of a system, and in this case, it happens to be in the physical world. The consulting...