Browse our blogs
We cover it all in The Security Blog. Discover what you’ve been looking for.
![\"\"](\"https:\/\/trusted-sec.transforms.svdcdn.com\/production\/images\/Blog-Covers\/ManagingPrivilegedRolesInMEID_Summary.jpg?w=400&h=400&q=90&auto=format&fit=crop&dm=1763064774&s=07fa9f3bd6af251d42280fc70ce83417\")
<\/picture><\/div>\n Managing Privileged Roles in Microsoft Entra ID: A Pragmatic Approach<\/h3>\n <\/div>\n \n Introducing a custom model for understanding privileged roles in Microsoft Entra ID, developed by TrustedSecWhenever our team conducts a Hardening Review of\u2026<\/p>\n<\/div>\n <\/div>\n
\n \n Read about this article<\/span><\/span><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/a> \n \n \n \n \n ![\"\"](\"https:\/\/trusted-sec.transforms.svdcdn.com\/production\/images\/Blog-Covers\/HelpfulHintsWritingCybersecurityReports_Summary.jpg?w=400&h=400&q=90&auto=format&fit=crop&dm=1762361302&s=524707acdfcfd49f0d775b09b090b741\")
<\/picture><\/div>\n Helpful Hints for Writing (and Editing) Cybersecurity Reports<\/h3>\n <\/div>\n \n When it comes to reading (and editing) (and proofreading) technical documents, it's important to remember that the details are key, and can make all the\u2026<\/p>\n<\/div>\n <\/div>\n
\n \n Read about this article<\/span><\/span><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/a> \n \n \n \n \n ![\"\"](\"https:\/\/trusted-sec.transforms.svdcdn.com\/production\/images\/Blog-Covers\/CMMCSubcontractorsServiceProviders_Summary.jpg?w=400&h=400&q=90&auto=format&fit=crop&dm=1762207040&s=02f9a3410929474f4979b0dde6e70a62\")
<\/picture><\/div>\n CMMC Subcontractors and Service Providers<\/h3>\n <\/div>\n \n Defense contractors are preparing their systems for the start of the upcoming CMMC rollout but what they may not have considered is how their relationship with\u2026<\/p>\n<\/div>\n <\/div>\n
\n \n Read about this article<\/span><\/span><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/a> \n \n \n \n \n ![\"\"](\"https:\/\/trusted-sec.transforms.svdcdn.com\/production\/images\/Blog-Covers\/Hack-cessibilityDLLHijacks_Summary.jpg?w=400&h=400&q=90&auto=format&fit=crop&dm=1761073070&s=7ca82b1dfc90089815d0c5fbdd51a67b\")
<\/picture><\/div>\n Hack-cessibility: When DLL Hijacks Meet Windows Helpers<\/h3>\n <\/div>\n \n In preparation for a talk, Jason Lang (@curi0usJack) and I were doing at MCTTP about mining TTPs from VX-underground, we both ended up doing research based on\u2026<\/p>\n<\/div>\n <\/div>\n
\n \n Read about this article<\/span><\/span><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/a> \n \n \n \n \n ![\"\"](\"https:\/\/trusted-sec.transforms.svdcdn.com\/production\/images\/Blog-Covers\/DetectingPasswordSprayingHoneypot_Summary.jpg?w=400&h=400&q=90&auto=format&fit=crop&dm=1760635728&s=70b50c86b71ff34e18cf247a9e4818da\")
<\/picture><\/div>\n Detecting Password-Spraying in Entra ID Using a Honeypot Account<\/h3>\n <\/div>\n \n Password-spraying is a popular technique which involves guessing passwords to gain control of accounts. This automated password-guessing is performed against\u2026<\/p>\n<\/div>\n <\/div>\n
\n \n Read about this article<\/span><\/span><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/a> \n \n \n \n \n ![\"\"](\"https:\/\/trusted-sec.transforms.svdcdn.com\/production\/images\/Blog-Covers\/TriggerWindowsService_Summary.jpg?w=400&h=400&q=90&auto=format&fit=crop&dm=1760469797&s=7acdfec21455d12c205ce0b82d491b0a\")
<\/picture><\/div>\n There's More than One Way to Trigger a Windows Service<\/h3>\n <\/div>\n \n Service triggers can be a pentester\u2019s secret weapon, letting low-priv users quietly fire up powerful services like Remote Registry and EFS. Learn how they can\u2026<\/p>\n<\/div>\n <\/div>\n
\n \n Read about this article<\/span><\/span><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/a> \n \n \n \n \n ![\"\"](\"https:\/\/trusted-sec.transforms.svdcdn.com\/production\/images\/Blog-Covers\/SkimmingAzure_Summary.jpg?w=400&h=400&q=90&auto=format&fit=crop&dm=1759497843&s=01d9654b2a25984b6bc1b4544417644c\")
<\/picture><\/div>\n Skimming Credentials with Azure's Front Door WAF<\/h3>\n <\/div>\n \n Your Web Application Firewall (WAF) sees EVERYTHING. In this blog, we demonstrate how an attacker with access to Azure Front Door\u2019s WAF and Log Analytics can\u2026<\/p>\n<\/div>\n <\/div>\n
\n \n Read about this article<\/span><\/span><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/a> \n \n \n \n \n ![\"\"](\"https:\/\/trusted-sec.transforms.svdcdn.com\/production\/images\/Blog-Covers\/PCI-P2PEvsE2EE_Summary.jpg?w=400&h=400&q=90&auto=format&fit=crop&dm=1759242852&s=9b07d727eadc04ac3333e691712ccdd7\")
<\/picture><\/div>\n PCI P2PE vs. E2EE \u2013 Scoping it Out<\/h3>\n <\/div>\n \n If your payment processor says they use \u201cEnd-to-End Encryption\u201d your PCI DSS compliance scope may be bigger than you expect. In this blog, we break down how\u2026<\/p>\n<\/div>\n <\/div>\n
\n \n Read about this article<\/span><\/span><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/a> \n \n \n \n \n ![\"\"](\"https:\/\/trusted-sec.transforms.svdcdn.com\/production\/images\/Blog-Covers\/HIPAA-Applicability_Summary.jpg?w=400&h=400&q=90&auto=format&fit=crop&dm=1759242637&s=f7df75d41f0d6295c56ee7acc2ad6ff3\")
<\/picture><\/div>\n HIPAA Applicability - Understanding the Security, Breach Notification, and Privacy Rules<\/h3>\n <\/div>\n \n In this blog, we explain how HIPAA\u2019s Privacy, Security, Breach Notification, and Administrative Rules apply while clearing up common misunderstandings about\u2026<\/p>\n<\/div>\n <\/div>\n
\n \n Read about this article<\/span><\/span><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/a> \n \n \n \n \n ![\"\"](\"https:\/\/trusted-sec.transforms.svdcdn.com\/production\/images\/Blog-Covers\/CMMCNope25_Summary.jpg?w=400&h=400&q=90&auto=format&fit=crop&dm=1759242484&s=bee1804b91d5ac05009b0604bdb34adf\")
<\/picture><\/div>\n CMMC NOPE: Why You Don\u2019t Need to be CMMC Compliant<\/h3>\n <\/div>\n \n As a Cybersecurity Maturity Model Certification Registered Practitioner Organization (CMMC-RPO), TrustedSec fields many requests from organizations looking for\u2026<\/p>\n<\/div>\n <\/div>\n
\n \n Read about this article<\/span><\/span><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/a> \n \n \n \n \n ![\"\"](\"https:\/\/trusted-sec.transforms.svdcdn.com\/production\/images\/Blog-Covers\/HIPAA-BusinessAssociates_WebHero.jpg?w=400&h=400&q=90&auto=format&fit=crop&dm=1758293534&s=89815acc62bf0d37f06072daa0778088\")
<\/picture><\/div>\n HIPAA Business Associates - What\u2019s Your Function?<\/h3>\n <\/div>\n \n
Introducing a custom model for understanding privileged roles in Microsoft Entra ID, developed by TrustedSecWhenever our team conducts a Hardening Review of\u2026<\/p>\n<\/div>\n <\/div>\n
<\/picture><\/div>\n Helpful Hints for Writing (and Editing) Cybersecurity Reports<\/h3>\n <\/div>\n \n When it comes to reading (and editing) (and proofreading) technical documents, it's important to remember that the details are key, and can make all the\u2026<\/p>\n<\/div>\n <\/div>\n
\n \n Read about this article<\/span><\/span><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/a> \n \n \n \n \n <\/picture><\/div>\n CMMC Subcontractors and Service Providers<\/h3>\n <\/div>\n \n Defense contractors are preparing their systems for the start of the upcoming CMMC rollout but what they may not have considered is how their relationship with\u2026<\/p>\n<\/div>\n <\/div>\n
\n \n Read about this article<\/span><\/span><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/a> \n \n \n \n \n <\/picture><\/div>\n Hack-cessibility: When DLL Hijacks Meet Windows Helpers<\/h3>\n <\/div>\n \n In preparation for a talk, Jason Lang (@curi0usJack) and I were doing at MCTTP about mining TTPs from VX-underground, we both ended up doing research based on\u2026<\/p>\n<\/div>\n <\/div>\n
\n \n Read about this article<\/span><\/span><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/a> \n \n \n \n \n <\/picture><\/div>\n Detecting Password-Spraying in Entra ID Using a Honeypot Account<\/h3>\n <\/div>\n \n Password-spraying is a popular technique which involves guessing passwords to gain control of accounts. This automated password-guessing is performed against\u2026<\/p>\n<\/div>\n <\/div>\n
\n \n Read about this article<\/span><\/span><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/a> \n \n \n \n \n <\/picture><\/div>\n There's More than One Way to Trigger a Windows Service<\/h3>\n <\/div>\n \n Service triggers can be a pentester\u2019s secret weapon, letting low-priv users quietly fire up powerful services like Remote Registry and EFS. Learn how they can\u2026<\/p>\n<\/div>\n <\/div>\n
\n \n Read about this article<\/span><\/span><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/a> \n \n \n \n \n <\/picture><\/div>\n Skimming Credentials with Azure's Front Door WAF<\/h3>\n <\/div>\n \n Your Web Application Firewall (WAF) sees EVERYTHING. In this blog, we demonstrate how an attacker with access to Azure Front Door\u2019s WAF and Log Analytics can\u2026<\/p>\n<\/div>\n <\/div>\n
\n \n Read about this article<\/span><\/span><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/a> \n \n \n \n \n <\/picture><\/div>\n PCI P2PE vs. E2EE \u2013 Scoping it Out<\/h3>\n <\/div>\n \n If your payment processor says they use \u201cEnd-to-End Encryption\u201d your PCI DSS compliance scope may be bigger than you expect. In this blog, we break down how\u2026<\/p>\n<\/div>\n <\/div>\n
\n \n Read about this article<\/span><\/span><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/a> \n \n \n \n \n <\/picture><\/div>\n HIPAA Applicability - Understanding the Security, Breach Notification, and Privacy Rules<\/h3>\n <\/div>\n \n In this blog, we explain how HIPAA\u2019s Privacy, Security, Breach Notification, and Administrative Rules apply while clearing up common misunderstandings about\u2026<\/p>\n<\/div>\n <\/div>\n
\n \n Read about this article<\/span><\/span><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/a> \n \n \n \n \n <\/picture><\/div>\n CMMC NOPE: Why You Don\u2019t Need to be CMMC Compliant<\/h3>\n <\/div>\n \n As a Cybersecurity Maturity Model Certification Registered Practitioner Organization (CMMC-RPO), TrustedSec fields many requests from organizations looking for\u2026<\/p>\n<\/div>\n <\/div>\n
\n \n Read about this article<\/span><\/span><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/a> \n \n \n \n \n <\/picture><\/div>\n HIPAA Business Associates - What\u2019s Your Function?<\/h3>\n <\/div>\n \n
When it comes to reading (and editing) (and proofreading) technical documents, it's important to remember that the details are key, and can make all the\u2026<\/p>\n<\/div>\n <\/div>\n
<\/picture><\/div>\n CMMC Subcontractors and Service Providers<\/h3>\n <\/div>\n \n Defense contractors are preparing their systems for the start of the upcoming CMMC rollout but what they may not have considered is how their relationship with\u2026<\/p>\n<\/div>\n <\/div>\n
\n \n Read about this article<\/span><\/span><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/a> \n \n \n \n \n <\/picture><\/div>\n Hack-cessibility: When DLL Hijacks Meet Windows Helpers<\/h3>\n <\/div>\n \n In preparation for a talk, Jason Lang (@curi0usJack) and I were doing at MCTTP about mining TTPs from VX-underground, we both ended up doing research based on\u2026<\/p>\n<\/div>\n <\/div>\n
\n \n Read about this article<\/span><\/span><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/a> \n \n \n \n \n <\/picture><\/div>\n Detecting Password-Spraying in Entra ID Using a Honeypot Account<\/h3>\n <\/div>\n \n Password-spraying is a popular technique which involves guessing passwords to gain control of accounts. This automated password-guessing is performed against\u2026<\/p>\n<\/div>\n <\/div>\n
\n \n Read about this article<\/span><\/span><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/a> \n \n \n \n \n <\/picture><\/div>\n There's More than One Way to Trigger a Windows Service<\/h3>\n <\/div>\n \n Service triggers can be a pentester\u2019s secret weapon, letting low-priv users quietly fire up powerful services like Remote Registry and EFS. Learn how they can\u2026<\/p>\n<\/div>\n <\/div>\n
\n \n Read about this article<\/span><\/span><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/a> \n \n \n \n \n <\/picture><\/div>\n Skimming Credentials with Azure's Front Door WAF<\/h3>\n <\/div>\n \n Your Web Application Firewall (WAF) sees EVERYTHING. In this blog, we demonstrate how an attacker with access to Azure Front Door\u2019s WAF and Log Analytics can\u2026<\/p>\n<\/div>\n <\/div>\n
\n \n Read about this article<\/span><\/span><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/a> \n \n \n \n \n <\/picture><\/div>\n PCI P2PE vs. E2EE \u2013 Scoping it Out<\/h3>\n <\/div>\n \n If your payment processor says they use \u201cEnd-to-End Encryption\u201d your PCI DSS compliance scope may be bigger than you expect. In this blog, we break down how\u2026<\/p>\n<\/div>\n <\/div>\n
\n \n Read about this article<\/span><\/span><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/a> \n \n \n \n \n <\/picture><\/div>\n HIPAA Applicability - Understanding the Security, Breach Notification, and Privacy Rules<\/h3>\n <\/div>\n \n In this blog, we explain how HIPAA\u2019s Privacy, Security, Breach Notification, and Administrative Rules apply while clearing up common misunderstandings about\u2026<\/p>\n<\/div>\n <\/div>\n
\n \n Read about this article<\/span><\/span><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/a> \n \n \n \n \n <\/picture><\/div>\n CMMC NOPE: Why You Don\u2019t Need to be CMMC Compliant<\/h3>\n <\/div>\n \n As a Cybersecurity Maturity Model Certification Registered Practitioner Organization (CMMC-RPO), TrustedSec fields many requests from organizations looking for\u2026<\/p>\n<\/div>\n <\/div>\n
\n \n Read about this article<\/span><\/span><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/a> \n \n \n \n \n <\/picture><\/div>\n HIPAA Business Associates - What\u2019s Your Function?<\/h3>\n <\/div>\n \n
Defense contractors are preparing their systems for the start of the upcoming CMMC rollout but what they may not have considered is how their relationship with\u2026<\/p>\n<\/div>\n <\/div>\n
<\/picture><\/div>\n Hack-cessibility: When DLL Hijacks Meet Windows Helpers<\/h3>\n <\/div>\n \n In preparation for a talk, Jason Lang (@curi0usJack) and I were doing at MCTTP about mining TTPs from VX-underground, we both ended up doing research based on\u2026<\/p>\n<\/div>\n <\/div>\n
\n \n Read about this article<\/span><\/span><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/a> \n \n \n \n \n <\/picture><\/div>\n Detecting Password-Spraying in Entra ID Using a Honeypot Account<\/h3>\n <\/div>\n \n Password-spraying is a popular technique which involves guessing passwords to gain control of accounts. This automated password-guessing is performed against\u2026<\/p>\n<\/div>\n <\/div>\n
\n \n Read about this article<\/span><\/span><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/a> \n \n \n \n \n <\/picture><\/div>\n There's More than One Way to Trigger a Windows Service<\/h3>\n <\/div>\n \n Service triggers can be a pentester\u2019s secret weapon, letting low-priv users quietly fire up powerful services like Remote Registry and EFS. Learn how they can\u2026<\/p>\n<\/div>\n <\/div>\n
\n \n Read about this article<\/span><\/span><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/a> \n \n \n \n \n <\/picture><\/div>\n Skimming Credentials with Azure's Front Door WAF<\/h3>\n <\/div>\n \n Your Web Application Firewall (WAF) sees EVERYTHING. In this blog, we demonstrate how an attacker with access to Azure Front Door\u2019s WAF and Log Analytics can\u2026<\/p>\n<\/div>\n <\/div>\n
\n \n Read about this article<\/span><\/span><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/a> \n \n \n \n \n <\/picture><\/div>\n PCI P2PE vs. E2EE \u2013 Scoping it Out<\/h3>\n <\/div>\n \n If your payment processor says they use \u201cEnd-to-End Encryption\u201d your PCI DSS compliance scope may be bigger than you expect. In this blog, we break down how\u2026<\/p>\n<\/div>\n <\/div>\n
\n \n Read about this article<\/span><\/span><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/a> \n \n \n \n \n <\/picture><\/div>\n HIPAA Applicability - Understanding the Security, Breach Notification, and Privacy Rules<\/h3>\n <\/div>\n \n In this blog, we explain how HIPAA\u2019s Privacy, Security, Breach Notification, and Administrative Rules apply while clearing up common misunderstandings about\u2026<\/p>\n<\/div>\n <\/div>\n
\n \n Read about this article<\/span><\/span><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/a> \n \n \n \n \n <\/picture><\/div>\n CMMC NOPE: Why You Don\u2019t Need to be CMMC Compliant<\/h3>\n <\/div>\n \n As a Cybersecurity Maturity Model Certification Registered Practitioner Organization (CMMC-RPO), TrustedSec fields many requests from organizations looking for\u2026<\/p>\n<\/div>\n <\/div>\n
\n \n Read about this article<\/span><\/span><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/a> \n \n \n \n \n <\/picture><\/div>\n HIPAA Business Associates - What\u2019s Your Function?<\/h3>\n <\/div>\n \n
In preparation for a talk, Jason Lang (@curi0usJack) and I were doing at MCTTP about mining TTPs from VX-underground, we both ended up doing research based on\u2026<\/p>\n<\/div>\n <\/div>\n
<\/picture><\/div>\n Detecting Password-Spraying in Entra ID Using a Honeypot Account<\/h3>\n <\/div>\n \n Password-spraying is a popular technique which involves guessing passwords to gain control of accounts. This automated password-guessing is performed against\u2026<\/p>\n<\/div>\n <\/div>\n
\n \n Read about this article<\/span><\/span><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/a> \n \n \n \n \n <\/picture><\/div>\n There's More than One Way to Trigger a Windows Service<\/h3>\n <\/div>\n \n Service triggers can be a pentester\u2019s secret weapon, letting low-priv users quietly fire up powerful services like Remote Registry and EFS. Learn how they can\u2026<\/p>\n<\/div>\n <\/div>\n
\n \n Read about this article<\/span><\/span><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/a> \n \n \n \n \n <\/picture><\/div>\n Skimming Credentials with Azure's Front Door WAF<\/h3>\n <\/div>\n \n Your Web Application Firewall (WAF) sees EVERYTHING. In this blog, we demonstrate how an attacker with access to Azure Front Door\u2019s WAF and Log Analytics can\u2026<\/p>\n<\/div>\n <\/div>\n
\n \n Read about this article<\/span><\/span><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/a> \n \n \n \n \n <\/picture><\/div>\n PCI P2PE vs. E2EE \u2013 Scoping it Out<\/h3>\n <\/div>\n \n If your payment processor says they use \u201cEnd-to-End Encryption\u201d your PCI DSS compliance scope may be bigger than you expect. In this blog, we break down how\u2026<\/p>\n<\/div>\n <\/div>\n
\n \n Read about this article<\/span><\/span><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/a> \n \n \n \n \n <\/picture><\/div>\n HIPAA Applicability - Understanding the Security, Breach Notification, and Privacy Rules<\/h3>\n <\/div>\n \n In this blog, we explain how HIPAA\u2019s Privacy, Security, Breach Notification, and Administrative Rules apply while clearing up common misunderstandings about\u2026<\/p>\n<\/div>\n <\/div>\n
\n \n Read about this article<\/span><\/span><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/a> \n \n \n \n \n <\/picture><\/div>\n CMMC NOPE: Why You Don\u2019t Need to be CMMC Compliant<\/h3>\n <\/div>\n \n As a Cybersecurity Maturity Model Certification Registered Practitioner Organization (CMMC-RPO), TrustedSec fields many requests from organizations looking for\u2026<\/p>\n<\/div>\n <\/div>\n
\n \n Read about this article<\/span><\/span><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/a> \n \n \n \n \n <\/picture><\/div>\n HIPAA Business Associates - What\u2019s Your Function?<\/h3>\n <\/div>\n \n
Password-spraying is a popular technique which involves guessing passwords to gain control of accounts. This automated password-guessing is performed against\u2026<\/p>\n<\/div>\n <\/div>\n
<\/picture><\/div>\n There's More than One Way to Trigger a Windows Service<\/h3>\n <\/div>\n \n Service triggers can be a pentester\u2019s secret weapon, letting low-priv users quietly fire up powerful services like Remote Registry and EFS. Learn how they can\u2026<\/p>\n<\/div>\n <\/div>\n
\n \n Read about this article<\/span><\/span><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/a> \n \n \n \n \n <\/picture><\/div>\n Skimming Credentials with Azure's Front Door WAF<\/h3>\n <\/div>\n \n Your Web Application Firewall (WAF) sees EVERYTHING. In this blog, we demonstrate how an attacker with access to Azure Front Door\u2019s WAF and Log Analytics can\u2026<\/p>\n<\/div>\n <\/div>\n
\n \n Read about this article<\/span><\/span><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/a> \n \n \n \n \n <\/picture><\/div>\n PCI P2PE vs. E2EE \u2013 Scoping it Out<\/h3>\n <\/div>\n \n If your payment processor says they use \u201cEnd-to-End Encryption\u201d your PCI DSS compliance scope may be bigger than you expect. In this blog, we break down how\u2026<\/p>\n<\/div>\n <\/div>\n
\n \n Read about this article<\/span><\/span><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/a> \n \n \n \n \n <\/picture><\/div>\n HIPAA Applicability - Understanding the Security, Breach Notification, and Privacy Rules<\/h3>\n <\/div>\n \n In this blog, we explain how HIPAA\u2019s Privacy, Security, Breach Notification, and Administrative Rules apply while clearing up common misunderstandings about\u2026<\/p>\n<\/div>\n <\/div>\n
\n \n Read about this article<\/span><\/span><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/a> \n \n \n \n \n <\/picture><\/div>\n CMMC NOPE: Why You Don\u2019t Need to be CMMC Compliant<\/h3>\n <\/div>\n \n As a Cybersecurity Maturity Model Certification Registered Practitioner Organization (CMMC-RPO), TrustedSec fields many requests from organizations looking for\u2026<\/p>\n<\/div>\n <\/div>\n
\n \n Read about this article<\/span><\/span><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/a> \n \n \n \n \n <\/picture><\/div>\n HIPAA Business Associates - What\u2019s Your Function?<\/h3>\n <\/div>\n \n
Service triggers can be a pentester\u2019s secret weapon, letting low-priv users quietly fire up powerful services like Remote Registry and EFS. Learn how they can\u2026<\/p>\n<\/div>\n <\/div>\n
<\/picture><\/div>\n Skimming Credentials with Azure's Front Door WAF<\/h3>\n <\/div>\n \n Your Web Application Firewall (WAF) sees EVERYTHING. In this blog, we demonstrate how an attacker with access to Azure Front Door\u2019s WAF and Log Analytics can\u2026<\/p>\n<\/div>\n <\/div>\n
\n \n Read about this article<\/span><\/span><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/a> \n \n \n \n \n <\/picture><\/div>\n PCI P2PE vs. E2EE \u2013 Scoping it Out<\/h3>\n <\/div>\n \n If your payment processor says they use \u201cEnd-to-End Encryption\u201d your PCI DSS compliance scope may be bigger than you expect. In this blog, we break down how\u2026<\/p>\n<\/div>\n <\/div>\n
\n \n Read about this article<\/span><\/span><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/a> \n \n \n \n \n <\/picture><\/div>\n HIPAA Applicability - Understanding the Security, Breach Notification, and Privacy Rules<\/h3>\n <\/div>\n \n In this blog, we explain how HIPAA\u2019s Privacy, Security, Breach Notification, and Administrative Rules apply while clearing up common misunderstandings about\u2026<\/p>\n<\/div>\n <\/div>\n
\n \n Read about this article<\/span><\/span><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/a> \n \n \n \n \n <\/picture><\/div>\n CMMC NOPE: Why You Don\u2019t Need to be CMMC Compliant<\/h3>\n <\/div>\n \n As a Cybersecurity Maturity Model Certification Registered Practitioner Organization (CMMC-RPO), TrustedSec fields many requests from organizations looking for\u2026<\/p>\n<\/div>\n <\/div>\n
\n \n Read about this article<\/span><\/span><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/a> \n \n \n \n \n <\/picture><\/div>\n HIPAA Business Associates - What\u2019s Your Function?<\/h3>\n <\/div>\n \n
Your Web Application Firewall (WAF) sees EVERYTHING. In this blog, we demonstrate how an attacker with access to Azure Front Door\u2019s WAF and Log Analytics can\u2026<\/p>\n<\/div>\n <\/div>\n
<\/picture><\/div>\n PCI P2PE vs. E2EE \u2013 Scoping it Out<\/h3>\n <\/div>\n \n If your payment processor says they use \u201cEnd-to-End Encryption\u201d your PCI DSS compliance scope may be bigger than you expect. In this blog, we break down how\u2026<\/p>\n<\/div>\n <\/div>\n
\n \n Read about this article<\/span><\/span><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/a> \n \n \n \n \n <\/picture><\/div>\n HIPAA Applicability - Understanding the Security, Breach Notification, and Privacy Rules<\/h3>\n <\/div>\n \n In this blog, we explain how HIPAA\u2019s Privacy, Security, Breach Notification, and Administrative Rules apply while clearing up common misunderstandings about\u2026<\/p>\n<\/div>\n <\/div>\n
\n \n Read about this article<\/span><\/span><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/a> \n \n \n \n \n <\/picture><\/div>\n CMMC NOPE: Why You Don\u2019t Need to be CMMC Compliant<\/h3>\n <\/div>\n \n As a Cybersecurity Maturity Model Certification Registered Practitioner Organization (CMMC-RPO), TrustedSec fields many requests from organizations looking for\u2026<\/p>\n<\/div>\n <\/div>\n
\n \n Read about this article<\/span><\/span><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/a> \n \n \n \n \n <\/picture><\/div>\n HIPAA Business Associates - What\u2019s Your Function?<\/h3>\n <\/div>\n \n
If your payment processor says they use \u201cEnd-to-End Encryption\u201d your PCI DSS compliance scope may be bigger than you expect. In this blog, we break down how\u2026<\/p>\n<\/div>\n <\/div>\n
<\/picture><\/div>\n HIPAA Applicability - Understanding the Security, Breach Notification, and Privacy Rules<\/h3>\n <\/div>\n \n In this blog, we explain how HIPAA\u2019s Privacy, Security, Breach Notification, and Administrative Rules apply while clearing up common misunderstandings about\u2026<\/p>\n<\/div>\n <\/div>\n
\n \n Read about this article<\/span><\/span><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/a> \n \n \n \n \n <\/picture><\/div>\n CMMC NOPE: Why You Don\u2019t Need to be CMMC Compliant<\/h3>\n <\/div>\n \n As a Cybersecurity Maturity Model Certification Registered Practitioner Organization (CMMC-RPO), TrustedSec fields many requests from organizations looking for\u2026<\/p>\n<\/div>\n <\/div>\n
\n \n Read about this article<\/span><\/span><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/a> \n \n \n \n \n <\/picture><\/div>\n HIPAA Business Associates - What\u2019s Your Function?<\/h3>\n <\/div>\n \n
In this blog, we explain how HIPAA\u2019s Privacy, Security, Breach Notification, and Administrative Rules apply while clearing up common misunderstandings about\u2026<\/p>\n<\/div>\n <\/div>\n
<\/picture><\/div>\n CMMC NOPE: Why You Don\u2019t Need to be CMMC Compliant<\/h3>\n <\/div>\n \n As a Cybersecurity Maturity Model Certification Registered Practitioner Organization (CMMC-RPO), TrustedSec fields many requests from organizations looking for\u2026<\/p>\n<\/div>\n <\/div>\n
\n \n Read about this article<\/span><\/span><\/div>\n <\/div>\n <\/div>\n <\/div>\n<\/a> \n \n \n \n \n <\/picture><\/div>\n HIPAA Business Associates - What\u2019s Your Function?<\/h3>\n <\/div>\n \n
As a Cybersecurity Maturity Model Certification Registered Practitioner Organization (CMMC-RPO), TrustedSec fields many requests from organizations looking for\u2026<\/p>\n<\/div>\n <\/div>\n
<\/picture><\/div>\n ![\"\"](\"https:\/\/trusted-sec.transforms.svdcdn.com\/production\/images\/Blog-Covers\/HIPAA-CoveredEntities_Summary.jpg?w=400&h=400&q=90&auto=format&fit=crop&dm=1757009548&s=16b896c92e40b74e0a20fe75583fede5\")
<\/picture><\/div>\n