by Terry Crowley | Jun 14, 2018 | InfoSec Strategies
Speaking at the recent CyberUK conference in Manchester, Dave Hogue, senior technical director of the Cybersecurity Threat Operations Center at the NSA, flatly stated: We have sophisticated adversaries using unsophisticated means to cause great damage. In fact, I’ll... by Terry Crowley | Apr 17, 2018 | Penetration Testing
Even if your company has a robust firewall, an intrusion detection system (IDS) and antivirus/anti-malware, hackers can still gain access to your systems and data by exploiting vulnerabilities in your networks. Finding those vulnerabilities before the attackers do... by Michael Gargiullo | Mar 1, 2018 | Penetration Testing
A network penetration test is a deep-dive investigation that returns valuable information when other criteria about your network is already satisfied. Performing a penetration test without good APV management (Asset Management, Patch Management, and Vulnerability... by Michael Gargiullo | Nov 15, 2017 | Penetration Testing
There are basically three levels of network penetration testing: 1) Security Assessment (Validation) This level of testing is vulnerability-centric. Heavily utilizing automated toolsets, the test starts with a vulnerability assessment and is followed by a manual... by Peter Alexander | Aug 11, 2016 | ISMS Consulting
It’s commonplace for the vulnerability scans I run at client sites to turn up servers running unsupported software like Windows Server 2003, SQL Server 2005 or Cisco’s IOS 15. Our scans flag this as a critical issue. Often the client doesn’t know the software is out...