Building a Strong Foundation With the Information Security Accelerator

December 20, 2022
By in Program Development, Program Maturity Assessment, Remediation Assistance & Training, Security Program Assessment, Security Program Management, Security Remediation

Bottom Line Up Front Common threats like malware, ransomware, web application hacking, insider and privilege misuse, and targeted intrusions don’t have to spell disaster. Mid-market companies and small-to-medium businesses (SMBs) can cut through the confusion of how to build a solid security program. Our Information Security Accelerator service is designed to help your organization chart…

Read

Looting iOS App’s Cache.db

December 1, 2022
By in Application Security Assessment, Mobile Security Assessment, Penetration Testing, Program Assessment & Compliance, Program Development, Research, Security Testing & Analysis

Insecure By Default Mobile application assessments diverge somewhat from normal web application assessments as there is an installed client application on a local device to go along with the backend server. Mobile applications can often work offline, and thus have a local store of data. This is commonly in the form of SQLite databases stored…

Read

Measuring the Impact of a Security Awareness Program

November 29, 2022
By in Decision Making, Managed Services, Mergers & Acquisitions Security Assessment, Physical Security, Program Assessment & Compliance, Program Development, Program Maturity Assessment, Training

Our goal in building a security awareness program is to embed security into our partners’ existing organizational culture. Impacting culture is a long-term process that can take years and requires executive support. If you are tasked with managing a security awareness program, it is your job to measure and show leadership that your program is…

Read

Detection and Alerting: Selecting a SIEM

September 2, 2022
By in Endpoint Hygiene Automation, Incident Response, Incident Response & Forensics, Penetration Testing, Program Assessment & Compliance, Program Development, Purple Team Adversarial Detection & Countermeasures, Security Testing & Analysis

Summary Basic SIEM requirements should be in place to create mature detections for a variety of log sources, including network logs, system logs, and application logs (including custom applications). This focuses on Security Operations and does not include the engineering side of SIEM management, e.g., licensing, hardware/cloud requirements, retention needs, etc. Each component of the…

Read

Azure Automation – Getting Started With Desired State Configurations

July 21, 2020
By in Endpoint Hygiene Automation, Program Development, Remediation Assistance & Training, Security Remediation

Azure brings a lot of new tools and capabilities to the IT and Information Security toolbox. In fact, there are so many features that it can be overwhelming and difficult to understand when or how to use them. I believe that the revamp of Desired State Configuration (DSC) within Azure is one of these overlooked…

Read

Using Azure to Address Endpoint Hygiene Management

July 14, 2020
By in Endpoint Hygiene Automation, Program Development, Remediation Assistance & Training, Security Remediation

Remote workers are set up, but endpoint management is still an issue Setting up a remote workforce during the COVID-19 pandemic presented a huge challenge, especially trying to get so much done in such a short time frame. While getting extra Zoom licenses was likely pretty easy, there are more challenging issues surrounding remote sharing…

Read

Using Effectiveness Assessments to Identify Quick Wins

June 23, 2020
By in Architecture Review, Attack Path Effectiveness Review, HIPAA NIST CIS20 SOC ISO 27001 Assessments, Managed Services, Program Assessment & Compliance, Program Development, Program Maturity Assessment, Security Program Management, Vulnerability Assessment

An organization’s overall security posture can be viewed from multiple different angles, such as technical assessments, program assessments, controls assessments, and risk assessments. A number of different frameworks for each of these assessment types exist, intended to help both technical teams as well as leadership organize security program building activities. Some of these include: Penetration…

Read

Want Better Alerting? Consider Your Business Processes

May 19, 2020
By in Architecture Review, Attack Path Effectiveness Review, Business Risk Assessment, Managed Services, Program Assessment & Compliance, Program Development, Program Maturity Assessment, Security Program Assessment, Security Program Management

Logging, monitoring, and alerting programs are some of the most critical elements of any security and compliance program, but traditional approaches for implementing and upgrading these capabilities are often noisy, expensive, and laborious. Traditional Alerting Approaches are Failing During program assessments, we find that a lot of clients are generating so many alerts that they…

Read

Securing a Remote Workforce: Top Five Things to Focus on For Everyone

March 25, 2020
By in Business Risk Assessment, Managed Services, Operational Performance Maturity Assessment, Penetration Testing, Physical Security, Program Assessment & Compliance, Program Development, Program Maturity Assessment, Security Program Assessment, Security Program Management, Security Remediation, Security Testing & Analysis, Training, Vulnerability Assessment

Deploying a remote workforce is uncharted territory for some organizations, while others have been perfecting the model for years. Most security programs have different ways to handle their workforce. For on-premise users, which has traditionally used more of castle mentality where you attempt to prevent outsiders from penetrating the network perimeter (similar to a castle…

Read

Crossover Sec: Breaking Down the Silos

March 24, 2020
By in Business Risk Assessment, Program Development, Security Program Assessment, Virtual CISO

People who know me well, or who saw the Derbycon 6 talk I gave with Adam Hogan, “Adaptation of the Security Sub-Culture,” know of my non-InfoSec hobby and history of playing in loud bands that recorded and toured across the U.S. and Canada, mostly in the 90s. It was music in the 80s that had…

Read

  • Search the blog

  • Search by Author

  • Browse by date

  • Browse by Category

  • Clear Form