Penetration Testing Archives - Page 7 of 7

Building a Pwnagotchi

by Ryan Zagrodnik | May 15, 2020 | #_shellntel

What is a Pwnagotchi? From the Website: Pwnagotchi is an A2C-based “AI” powered by bettercap and running on a Raspberry Pi Zero W that learns from its surrounding WiFi environment in order to...

Continuous Penetration Testing

by SynerComm | Mar 31, 2020 | Blog, Cloud Security, Penetration Testing, Security Operations

“So, let’s say we fix all of the vulnerabilities that the pentest discovers… How do we know tomorrow that we’re not vulnerable to something new?” ~Customer Bridging the Gap Between...

People are People, but Where Can You Find Them When You Need Them?

by Ryan Zagrodnik | Mar 25, 2020 | Blog, Security Operations

Trying to find qualified IT infrastructure and security people? We at SynerComm help companies successfully overcome that challenge every day, and so I suppose I suffer from the old adage: “to a...

Vendors Stepping Up in a Time of Need

by William Kiley | Mar 24, 2020 | Blog

Most enterprises are getting slammed with employees working from home. Most of us designed our remote user VPN’s for the occasional "snow day" ...right. Now we have an entire workforce, working from...

Remote Access Rush

by Lisa Niles | Mar 17, 2020 | Blog, Remote Access, Security Operations

Practicing good remote access hygiene in times of uncertainty As the business world reacts to the current health crisis, companies are offering remote access to any role that can work from home....

Are we prepared?

by Jeffrey Lemmermann | Mar 11, 2020 | Blog, Remote Access, Security Operations

Risks and Considerations for IT: A Pandemic What can IT do to prepare? We all know the stats of the Coronavirus, although they are changing by the minute. We know what to do personally and for our...

Stop Sharing Your Password with Everyone

by Brian Judd | Jan 5, 2020 | #_shellntel

Insert under image - Palo Alto Networks firewalls have the ability to create security policies and generate logs based on users and groups, and not just IP addresses. This functionality is called...

Cybersecurity Maturity Model Certification (CMMC)

by Paul Hendler | Sep 23, 2019 | Audit / Compliance, Blog

From a quick assessment on what has been published thus far on the CMMC regulation and its overall goal, it appears that contractors lack of information security will no longer be tolerated by the...

AWS Metadata Endpoint – How to Not Get Pwned like Capital One

by Justin Gardner | Aug 27, 2019 | #_shellntel

One of the greatest yet unknown dangers that face any cloud-based application is the combination of an SSRF vulnerability and the AWS Metadata endpoint. As this write up from Brian Krebbs explains,...

Understanding HIPAA: PHI and Covered Entities

by Paul Hendler | Aug 23, 2019 | Audit / Compliance, Blog

Medical community challenge: In a business environment where resources are limited, compliance requirements abound, and budgets are constantly challenged to meet cost containment targets, the...