Current Security Trends in 2019

February 07, 2019 | By:

As the information security industry continues to mature, several things have changed, but many of the fundamental issues remain—even in the face of new technologies, threats, and regulations. Understanding and responding to current trends provides the opportunity for security and risk management leaders to better improve security, increase resiliency, and support the business. With renowned…


A TrustedSec Internship

February 05, 2019 | By:

Every college student has a worry of not being able to find an internship for the summer. An internship can provide real world experience and perspective into a field that interests you, but it can be exceptionally difficult to find the right internship that will ultimately pave a path to finding a job after college….


Adventures of an RDP Honeypot – Part Three: Creation of an RDP Honeypot

February 01, 2019 | By:

Welcome to the third and final part of the blog series on the RDP honeypot that I set up. The first part took a look at RDP and how it can be better secured, while the second post analyzed what the attackers did once they got into the honeypot. In this post I’ll talk about…


Adventures of an RDP Honeypot – Part Two: Know Your Enemy

January 28, 2019 | By:

Welcome to part two of the three-part series on the Remote Desktop Protocol (RDP) honeypot I set up. In the first post, I discussed ways that RDP can be configured to be more secure (and how you should NEVER put it on the Internet). In this part, I’ll talk about what happened when my honeypot…


Adventures of an RDP Honeypot – Part One: RDP Security

January 25, 2019 | By:

Over the last several months, TrustedSec has noticed a common thread in the root cause of incidents we’ve investigated: Microsoft Remote Desktop Protocol (RDP) open to the Internet. RDP on the Internet is a very bad idea. Attackers are constantly searching for, and breaking into, systems set up in this way. Once in, they can…


Local Admin Access and Group Policy Don’t Mix

January 24, 2019 | By:

Having spent a career working with Group Policies, I thought now might be a good time to give an overview of it and I felt like doing a little writeup about Group Policies. I especially want to highlight why having admin access to clients can be really bad. It is important that everyone understands the weaknesses…


Few cons to bringing in the pros: Why should you have a third-party risk and security assessment?

January 10, 2019 | By:

At TrustedSec, we get about 400-500 inquiries for security assessments every year.  Some of the questions we still hear quite often are: Why does our company need to do a risk and security assessment? Why can’t we just do it ourselves? We already know we’re terrible—why do we need you to tell us that? There…


Incident Response Team Adds Senior Consultant Justin Vaicaro

January 08, 2019 | By:

From TrustedSec Incident Response Team Lead Tyler Hudak: TrustedSec is a multi-disciplined company with many service offerings outside of the world-renowned penetration testing we are known for. Included in those offerings is our Incident Response team, which I am proud to lead. Today I am pleased to announce that we have expanded our Incident Response…


How to Reduce PCI Compliance Anxiety

January 08, 2019 | By:

What type of emotions are created in you when you hear the term ‘PCI?’ Anxiety? Possibly fear? For some, it may be disgust. Most favorably, some may feel a sense confidence or enthusiasm. Ok, I agree that enthusiasm is rarely listed as an emotion felt when hearing the term ‘PCI,’ although there may be someone…


White Paper: Why Penetration Testing Needs Continual Evolution – Going Purple

August 01, 2017 | By:

Download TrustedSec’s white paper: White Paper: Why Penetration Testing Needs Continual Evolution – Going Purple In this white paper you’ll find information detailing the needed changes to typical types of penetration testing. Download now