Browse our blogs
We cover it all in The Security Blog. Discover what you’ve been looking for.

Detecting Password-Spraying with a Honeypot Account
Password-spraying is a popular technique which involves guessing passwords to gain control of accounts. This automated password-guessing is performed against…

HIPAA Protected Health Information - When Health Information Isn’t Protected
Many organizations don’t understand that not all health information is PHI and apply HIPAA more broadly than is required. This has implications for which…

Protecting Backup and Recovery in the Age of Ransomware
Ransomware attackers frequently target backups and recovery systems to force victims into paying ransoms, making robust protection strategies essential for all…

Penetration Testing and Burnout
It's that feeling of your nerves being stretched like sinew over mounting expectations and due dates. When your attention keeps an exhausted but stubborn focus…

A Big Step on the CMMC Rollout Timeline
A major step on the CMMC rollout timeline was completed recently as the regulatory change that will create the CMMC contract clause made its way to the Office…

CMMC Level and Assessment Requirements for Defense Contractors
Many DoD contractors are struggling to understand what requirements will apply to them once CMMC rolls out. CMMC defines three levels, but CMMC Level 2 may…

Dealing With Unmarked and Mismarked CUI
Implementing CMMC and other Controlled Unclassified Information (CUI) protection obligations depends on the accurate identification of CUI, and in some cases…

The Proliferation of “Fake” CMMC Contract Clauses
Defense subcontractors may already be seeing CMMC clauses in their contracts, even though the CMMC contracting procedures and contract clause have yet to be…

PivotTables For InfoSec Dummies
Plenty of people know how to toss an IP address and port list into Excel for sorting and searching but don’t get a chance to take it to a deeper level. Excel…

Let's Clone a Cloner - Part 3: Putting It All Together
We have arrived at our final stage of metamorphosis, taking our pupa and morphing it into a hacking machine. Let's finish this journey. Geared Up Pupa In the…

Why is this Finding on my Pentest Report?
Understanding the Value of Findings Clients Often QuestionIn some report readouts, we may encounter situations where a client looks at a web application report…

Hiding in the Shadows: Covert Tunnels via QEMU Virtualization
Attackers are getting increasingly creative—not just with their payloads, but with how they deliver and operate them. In a recent Incident Response engagement,…
Loading...