When we started MindPoint Group over 10 years ago, the executive team recognized that the key to success lay in our ability to recruit and retain employees. In short, it was all about the people. Our focus was on collaboration, strength, knowledge, and diversity. We treat people with kindness and respect, holding each other accountable.
Ever ask a sysadmin what they find most tedious about their job? If they’re being honest, keeping up with security patching and compliance causes the most headaches. Surprised? You shouldn’t be. Patching continues to be a labor-intensive job with dire consequences for misconfigurations that could down a system or expose parts of the environment to
Introduction So, you’ve received your FedRAMP authorization, either through the Agency ATO or the JAB P-ATO process. Now what? Unlike other programs, a Cloud Service Provider (CSP) can’t just sit back and relax; there is still a lot of work to be done to maintain that FedRAMP Authorization. In fact, it can be a daunting task in and
What is a CSP? CSP is an acronym for Content Security Policy. It can be used as a white-list of things the browser can and can’t do with a Web App or Website. A CSP can help prevent content injection vulnerabilities like Cross Site Scripting (XSS) and can be used to mitigate interception attacks like
Recently I had the opportunity to test an installation of AtHoc – BlackBerry’s emergency notification system. During the course of the test, I discovered an XML External Entity (XXE) vulnerability in BlackBerry AtHoc 7.6.0 affecting the Delivery Template feature used to customize emergency notification messages and demonstrated how an authenticated attacker could read files off