Dealing With Third-Party Risk Assessments: Creating and responding to vendor questionnaires

September 16, 2019 | By:

Wednesday, September 25th at 1 p.m. EST Ain’t nobody got time for that! Are you feeling overwhelmed? Have you been diagnosed with a case of audit fatigue? The growth in third-party assessment requests has exploded–more and more organizations are being forced to fill out third-party vendor forms and create or formalize third-party risk functions. The…


Going Purple: Measurably improving your security posture with Purple Team engagements

August 05, 2019 | By:

This webinar was recorded on Wednesday, August 21st Adversaries continue to morph tactics and identify new ways of attacking organizations. Whether emulating a perimeter breach or the more popular phishing attack on the user population, it has never been more important to attack patterns and categorize behavior to defend against them. What’s the process and…


Webinar: Network Segmentation for the Rest of Us! How to get your segmentation project moving toward zero trust.

July 16, 2019 | By:

This Webinar was recorded on Wednesday, July 24 at 1:00PM Eastern The idea of segmenting your network is not new. However, even in 2019, we still see companies with flat networks ripe for attack. This provides a much greater opportunity for malicious actions or even accidental incidents to occur. The benefits are clear. Splitting up…


Webinar: Attack Simulation TTPs: Group Policy and Audit Setting Enumeration with Carlos Perez

June 11, 2019 | By:

This was recorded on Wednesday June 19th at 1PM Eastern Situational awareness is key when one lands access on a target system as part of an attack simulation. Knowing what controls are present and which are likely present allows performance of a proper threat assessment for the access that has been obtained. This information is…


Webinar: You’ve Been Framed! Using Frameworks to Improve and Defend your Security Program

May 21, 2019 | By:

Please note this webinar took place on Thursday, May 30th The majority of organizations that are in the process of building a security program are starting with a security framework. Frameworks seek to provide a reference for planning but also ensure that an organization can benefit from the learnings and successes of the security community…


Webinar: Container Security & Compliance

April 30, 2019 | By:

Please note that this webinar was recorded on May 15, 2019. A growing trend. Using containers has been an increasing trend over the years as most companies are leveraging services to streamline their development needs. As this trend grows, many security professionals struggle to effectively layer the organization’s compliance obligations into these environments. …with growing…


Webinar: Simulating a Cyber Attack – Table-Top Best Practices

March 14, 2019 | By:

Practice? We’re talking about practice?! Cyber attacks are an organizational concern. In order to build an effective security program, it’s impossible to rely on “best practice” policies without testing and vetting them to see if they work. Penetration tests will only go so far and only deal with the technical aspects of preventing a breach….


Webinar: Using MITRE ATT&CK(TM) for Coverage and Effectiveness Assessments

January 30, 2019 | By:

Recorded on February 13th, 2019, AT 1:00 PM EST What is the MITRE ATT&CK(TM) Framework? The MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CKTM) Framework (https://attack.mitre.org/) is “a globally-accessible knowledge base of adversary tactics and techniques” that is “open and available to any person or organization for use at no charge.” It is fast becoming…


Webinar Series: Fundamentals of Post-Exploitation with Carlos Perez

December 20, 2018 | By:

Learn the basics of post-exploitation from advanced infosec professionals Join Carlos Perez (@darkoperator) as he shares some of the post-exploitation methodology used by TrustedSec security consultants performed during actual attack simulations. Each of the four individual webinars will focus on specific aspects that will build upon each other to give a complete picture of the…


Webinar: Cloud Security: Pen Testing and Program Building

November 29, 2018 | By:

This webinar was held on December 12th at 1:00 EST Companies Are Still Foggy With Security in the Cloud. One of the questions we get most often is about cloud security. In fact, it’s one of the least understood areas for both penetration testing and security program building as cloud services such as Azure and AWS…