close menu
Shop Our Merch Report A Breach 1-877-550-4728
Latest
JavaScript Essentials for Beginning Pentesters
May 23, 2023
By Luke Bremer in Penetration Testing
Featured
Better Hacking Through Cracking: Know Your Rules
April 21, 2023
By TrustedSec in Cloud Assessment, Cloud Baseline Configuration Review, Cloud Penetration Testing, Penetration Testing, Security Testing & Analysis
Most Read
Critical Outlook Vulnerability: In-Depth Technical Analysis and Recommendations (CVE-2023-23397)
March 17, 2023
By Olivia Cate, Justin Elze, Nick Gilberti, Leo Bastidas, Robert R. Lee Jr., Andrew Schwartz, Carlos Perez and Oddvar Moe in Incident Response, Incident Response & Forensics, Purple Team Adversarial Detection & Countermeasures, Research, Vulnerability Assessment

CMMC Small Business Funding Roundup

February 23, 2021
By Rick Yocum in CMMC Readiness Review, Program Assessment & Compliance
TrustedSec works with clients of all sizes on Cybersecurity Maturity Model Certification (CMMC) readiness engagements, but recently we’ve received a few questions on how smaller organizations can help to offset some of the costs related to CMMC compliance. There are three (3) typical paths for small organizations to obtain financial assistance regarding CMMC activities. We...

Nine Things to Know About the CMMC

November 10, 2020
By Rick Yocum in CMMC Readiness Review, Program Assessment & Compliance
The Cybersecurity Maturity Model Certification (CMMC) (https://www.acq.osd.mil/cmmc/) is a program being developed to help ensure that specific types of unclassified data that exist outside of government systems remain adequately protected. Specifically, the CMMC applies to Federal Contract Information (FCI) and Controlled Unclassified Information (CUI) in non-government systems. Eventually, this certification program will replace the process...

Two Simple Ways to Start Using the MITRE ATT&CK Framework

August 25, 2020
By Rick Yocum in Attack Path Effectiveness Review, Security Program Assessment
While there is a wealth of free information intended to help larger organizations use the MITRE ATT&CKTM Framework, these resources often assume that the reader has dedicated security teams, deep technical skills, and/or a catalog of supporting security tools. But what if small organizations, compliance teams, or risk management professionals want to leverage ATT&CK? Never...

Want Better Alerting? Consider Your Business Processes

May 19, 2020
By Rick Yocum and Alex Hamerstone in Architecture Review, Attack Path Effectiveness Review, Business Risk Assessment, Managed Services, Program Assessment & Compliance, Program Development, Program Maturity Assessment, Security Program Assessment, Security Program Management
Logging, monitoring, and alerting programs are some of the most critical elements of any security and compliance program, but traditional approaches for implementing and upgrading these capabilities are often noisy, expensive, and laborious. Traditional Alerting Approaches are Failing During program assessments, we find that a lot of clients are generating so many alerts that they...

Vendor Enablement: Rethinking Third-Party Risk

April 30, 2020
By Alex Hamerstone and Rick Yocum in Business Risk Assessment, Mergers & Acquisitions Security Assessment, Operational Performance Maturity Assessment, Program Assessment & Compliance, Program Maturity Assessment, Security Program Assessment
Third-party risk management is an essential element of information security. It is common to see news about a large company being breached, and after learning more, you find out the breach was the result of a vendor. When you depend on another organization for a critical business process and allow them access to your network,...

Is Zoom’s Lack of End-To-End Encryption a Problem?

April 2, 2020
By Rick Yocum in Security Program Assessment, Security Remediation
All of the work-from-home activity coupled with all of the media about Zoom’s lack of end-to-end (E2E) encryption has resulted in a few clients asking us if Zoom can still be trusted to host meetings. It’s not exactly as they portray For those of you catching up, Zoom’s privacy and security have been the target...

  • Search the blog

  • Search by Author

  • Browse by date

  • Browse by Category

  • Clear Form
3485 Southwestern Boulevard
Fairlawn, OH 44333
1-877-550-4728
  • Follow TrustedSec on Twitter
  • Connect with TrustedSec on LinkedIn
  • Get TrustedSec's RSS feed

Get TrustedSec in your inbox

Sign up to receive the latest in cybersecurity news and resources

    By submitting this form, I agree to receive marketing communications from TrustedSec, which I can unsubscribe from at any time.

    This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
    © Copyright 2023 by TrustedSec. All rights reserved.