Do you know every device that is on your network? Many organizations will say they have a good idea. But do they really? On penetration tests, we regularly find devices that the organization being tested wasn’t aware were present. Here are 5 IT asset management best practices that you should follow ...
Can you think of any company or industry today that doesn’t use computers? It’s amazing isn’t it? Technology is changing the way that we do almost everything. But technological advances aren’t all rosey. As our companies and lives become more dependant on computers, we also become more vulnera...
Today, I’m going to show you how we used a spear phishing attack to get a company’s vice president of compliance’s credentials and bypass Two Factor Authentication and get access to very sensitive company information. Of course, we did this during an authorized penetration test. We were able to comp...
If your organization is serious about cybersecurity, you may already or be looking to have testing of your security programs performed. It’s one of the best ways to ensure that your defenses are working the way they are intended to. So, in today’s article, we’re going to discuss, W...
Are you ready for Windows 10 encryption strategies that you can implement in your organization to secure your data? If so, you’ll love this article. It’s a complete guide to encryption methodologies. Everything you need to know to drastically improve the security of your computers. Let&#...
With the daily reports of large breaches and organization’s increasing dependence on other organizations for technology solutions, there is no question that third party risk management is becoming a topic that must be addressed. The problem is: There’s very little clear guidance on what ...
In this post, I’m going to show you things you should be doing to prepare to comply with the California Consumer Privacy Act. These are the exact steps that we are using with all of our compliance consulting clients in 2019. Let’s dive right in. 1. Figure out if your orga...
If you’re looking for a list of the best managed IT services companies in Charlotte, NC, you’ve come to the right place. Here’s the deal: Most Charlotte IT service agency rankings are completely subjective. And they don’t take one very important thing into consideration ̵...
You probably know that having an outside party audit your cybersecurity controls is never a bad idea. There are multiple options – penetration tests, vulnerability scans, audits, etc. But what exactly is the difference between penetration testing vs vulnerability scanning? Here’s a simple expl...
This is the most comprehensive free guide to social engineering online. In this expert-written guide, you’ll learn everything you need to know about performing and defending against human hacking, from the psychology to the tools you’ll need. So, if you are looking to become a master social engineer...
