Pen Test

XXE Vulnerability in BlackBerry AtHoc (Networked Crisis Communication) Platform

Recently I had the opportunity to test an installation of AtHoc – BlackBerry’s emergency notification system. During the course of...

2018 YEAR IN REVIEW: Open Source Collaboration

Supporting Open Source At MindPoint Group we recognize the value that open source software provides and we work to support...

REST Assured: Penetration Testing REST APIs Using Burp Suite: Part 3 – Reporting

Welcome back to the REST Assured blog series for Part 3: Reporting. While often overlooked by security professionals, compiling reports...

REST Assured: Penetration Testing REST APIs Using Burp Suite: Part 1 – Introduction & Configuration

Pen Testing REST API with Burp Suite Introduction:   Hello and welcome to our 3-part blog series where we will...

Conducting and Detecting Data Exfiltration

How to Conduct and Detect Data Exfiltration Is your organization taking proactive measures to prevent a data breach?  From 2016...

CloudFront Hijacking

I recently spent some time exploring the issue of CloudFront domain hijacking. This is not a new issue but I...

Stop By Booth 118 @ AWS re:Invent and Speak to Our Team of Cybersecurity Experts

Stop by Booth 118 @ AWS re:Invent to Learn How We Can Secure Your Cloud

Electronic Voting for the 21st Century

With the election year ahead it behooves us to take a look at the security of our voting systems and...

Tool Review: Firebind Reflector Overview

Recently, Gus and I took a look at a tool that could be an asset in a Vulnerability Assessment and...

Tool Review: Firebind Reflector Walk-Through

I’m providing a walk-through of Firebind to go along with the overview that Joe has provided here. In this scenario,...

Tweet of the Year for 2011: What’s Wrong With Information Security

Last week, I read what I expect to be the most intelligent tweet of 2011.  A member of the OWASP...