BITS for Script Kiddies

April 13, 2021
Introduction: Well, I finally popped a box, but the EDR keeps sucking up all my tools. There must be a way to do some basic things on the box without getting caught. How can I poke around and do some stuff without possibly burning all my tools? After all the hard work of getting onto...

Strength Training With Transport Cryptology: Part 2

March 30, 2021
In part 1 of this blog series, we explored objective standards for evaluating application cipher suites using the National Institute of Standards and Technology (NIST) standard. Reviewing that is not required to continue here. For those of us lucky enough to apply cryptology within a Payment Card Industry (PCI) context, this part is for you....

Strength Training With Transport Cryptology: Part 1

March 30, 2021
I have a pretty good gig. I get to see the unique security approaches of dozens of companies every year. Sometimes the things we discuss come up so frequently, they should probably be shared…anonymously, of course. Frequently, folks are tasked with fixing insecure transport security. This is often due to test results from: Introducing new...

Practicing What We Preach

March 29, 2021
At TrustedSec, we work with a lot of Chief Security Officers. As a security company, it’s a role that we think is vitally important to every organization’s success. Historically, our entire team has made a collective effort to meet our own security goals. However, as we continue to grow, we recognize that having a central...

More Options for Response Modification - With ResponseTinker

March 25, 2021
As the web application footprint migrates client-side, tools to thoroughly analyze and test client behavior are becoming increasingly important. Burp Suite has made some great strides in this direction with their browser-based enhancements to crawling and scanning, but when it comes time to really dig into the particulars for research, we are still very much...

Yes, It’s Time for a Security Gap Assessment

March 23, 2021
For many organizations, rapidly implementing work-from-home initiatives over the past year due to the COVID-19 pandemic required quickly rolling out new processes and deploying new technologies without adequate time for attention to Information Security standards. Perhaps your company recently acquired a new line of business, and you want to make sure the integration won’t adversely...