The year 2022 has wrapped up and I find it helpful to share some of the most common findings I have encountered throughout the year. Some of these may not be surprising as they are covered in almost every cybersecurity awareness training course there is. However, it...
OSINT & Recon OSINT stands for Open-Source Intelligence. It is the action of gathering information that is publicly available and analyzing it for intelligence purposes. First, let’s look at what type of data can be considered Open-Source. Data or...
While creating a defensive plan against cyber-attacks, knowing your adversary is paramount. Often after the shock has worn off from a breach, the affected company will ask themselves, “Why us?”. It’s a valid question that organizations should ask...
Physical penetration testing is an assessment of the physical security controls of an organization. Much like traditional network penetration testing, you are measuring the security of a system, and in this case, it happens to be in the physical world. The consulting...
In today’s world, massive data breaches and sophisticated malware litter news headlines. Unfortunately, it often feels as though it’s more when your organization will fall victim, rather than if. Still, many organizations choose to only meet baseline...