Skip to Main Content

The Security Blog

Get up-to-date security insights, tips, and tricks from our amazing team sent to your inbox.

Browse our blogs

We cover it all in The Security Blog. Discover what you’ve been looking for.

Topics
Author
Blog May 29 2025

Apples, Pears, and Oranges: Not All Pentest Firms Are the Same

Penetration testing is not a commodity service. If you are a procurer of penetration tests and have ever received wildly different quotes for the "same"…

Read about this article
Blog May 22 2025

AppSec Cheat Sheet: Session Management

Session Management Testing - CookiesThe Cheat Sheet section is for quick reference and to make sure steps don’t get missed.The Learn section is for those who…

Read about this article
Blog May 20 2025

Red Team Gold: Extracting Credentials from MDT Shares

When it comes to targeting enterprise deployment infrastructure during a Red Team engagement, SCCM (System Center Configuration Manager) tends to get all the…

Read about this article
Blog May 15 2025

Purpling Your Ops

How does one Purple Team? TAC Practice Lead Megan Nilsen shares open-source tools, techniques, and tips for security practitioners exploring Purple Teaming,…

Read about this article
Blog May 08 2025

I Got 99 Problems But a Log Ain’t One

1.1 IntroductionHere at TrustedSec, one of the goals of the Tactical Awareness & Countermeasures (TAC) team is to assess and enhance our partners' security…

Read about this article
Blog May 06 2025

Application Layer Encryption with Web Crypto API

OverviewIn web and mobile applications, we’ve been fortunate over the years to have such widespread use of HTTPS by way of TLS. The proliferation of HTTPS is…

Read about this article
Blog May 01 2025

Why the WAF

In my experience, most organizations are prepared to discuss the scope of penetration tests when preparing for an External or Internal Penetration Test, but…

Read about this article
Blog April 24 2025

The Necessity of Active Testing – Detection Edition

Most security teams understand the importance of log collection and building detections to provide early indicators of anomalous or potentially malicious…

Read about this article
Blog April 22 2025

How Far Should You Let Penetration Testers Go?

How far should you let penetration testers go once they have a finding or foothold on a penetration test of your organization?As far as they can!The goal is to…

Read about this article
Blog April 17 2025

Discovering Your Baud

I'm still pretty new to hardware hacking and find myself going through a lot of media (both text and moving pictures) about various techniques to interact with…

Read about this article
Blog April 16 2025

TrustedSec Achieves CREST Certification

TrustedSec has achieved CREST Certification for penetration testing, a globally recognized standard that verifies an organization's ability to conduct…

Read about this article
Blog April 08 2025

Kubernetes for Pentesters: Part 1

In the first section of this multi-part practical guide, I’ll introduce you to Kubernetes (K8s) from a penetration testing perspective, including basic…

Read about this article