Trendy vulnerabilities like PrinterNightmare and attacking Active Directory Certificate Services may seem incredible currently (and they are), but they end up being manually patched out and dealt with over time. Systems administrators will consider their risk and...
Any Systems Administrator knows that the task of securing an Active Directory environment is a never-ending task. Since the first Windows AD was released with Server 2000, Microsoft has added countless features. Many of these features are created with connectivity in...
While working out the details with a client for an upcoming security assessment, whitelisting the penetration testers IP addresses always generates additional conversation. It may seem odd because you wouldn’t whitelist your adversaries to bypass a security control,...
Something you’ve likely already encountered on your penetration testing service quotes are the inclusion or add-on of a re-test. Some organizations use this as a differentiator by including it with their quotes and some offering it simply as an add-on. It’s something...
As organizations continue to move towards cloud computing technology and services, we get this question often. The good news is it’s become much clearer in recent times as both AWS and Microsoft Azure have both relaxed their policies and posted easy to understand...
A concern we often hear while scoping security assessments is around impacting the current operating rhythm of an organization. This is a valid concern as the last thing an IT leader wants is to negatively impact the business when it could have been avoided. The first...
