July 13, 2020
February 5, 2020
3 Vulnerabilities to be on the Lookout for in 2020
3 Vulnerabilities to be on the Lookout for in 2020 1.Security Misconfigurations What is a security misconfiguration? A security misconfiguration...
Read MoreDecember 6, 2018
REST Assured: Penetration Testing REST APIs Using Burp Suite: Part 3 – Reporting
Welcome back to the REST Assured blog series for Part 3: Reporting. While often overlooked by security professionals, compiling reports...
Read MoreNovember 18, 2018
REST Assured: Penetration Testing REST APIs Using Burp Suite: Part 2 – Testing
Welcome back! In part 1 of REST Assured blog series, we discussed the definitions and history behind APIs, and we...
Read MoreNovember 14, 2018
REST Assured: Penetration Testing REST APIs Using Burp Suite: Part 1 – Introduction & Configuration
July 18, 2018
A Tale Of Two Tools: When Splunk met SecurityCenter
Co-Authors: Keith Rhea and Alex Nanthavong It was the best of times, it was the worst of times, it was...
Read MoreJuly 5, 2018
Hardware Vulnerability: Understanding Spectre, Meltdown and the Price of Unchecked Modernization
Firewalls, encryption, antivirus software, armed security guards, dual authentication and every other added security mechanism that exists to secure data,...
Read MoreJune 10, 2018
Inherent Risk Tiering for Third-Party Vendor Assessments
It can be a challenging and overwhelming task to adequately manage the risk associated with outsourcing technology or business processes,...
Read MoreNovember 24, 2016
Stop By Booth 118 @ AWS re:Invent and Speak to Our Team of Cybersecurity Experts
November 24, 2016
Stop by Booth 118 @ AWS re:Invent to Learn How We Can Secure Your Cloud
Read MoreOctober 27, 2016
When Perception is Not Reality: Perspectives on State-Sponsored Hacking and Retaliation
NBC News recently reported that the CIA is poised to launch a retaliatory cyber-attack against Russian computer systems. This comes...
Read MoreAugust 5, 2016
Hacking Hillary: Recent Breaches against Democratic Political Groups
A recent leak of thousands of Democratic National Committee emails cast a long shadow over the Democratic Convention in Philadelphia...
Read MoreMarch 14, 2016
Electronic Voting for the 21st Century
October 15, 2015
Privilege Escalation via Group Policy Preferences (GPP)
While this is not a new topic in the penetration testing world by any means [Chris Gates (@carnal0wnage) and others...
Read MoreSeptember 10, 2013
Stocking the Toolbox – Cloud Unpacked
Ah the cloud. A stellar piece of human ingenuity and design that allows us to access our data from anywhere...
Read MoreMarch 18, 2011
Vulnerability Management White Paper
Recently, I was asked to put together a white paper describing some work we’ve done related to supporting a vulnerability...
Read More