Resources
Ecourse

Using Core Impact with PowerShell Empire

This video discusses the integration between Core Impact and PowerShell Empire and how you can use these two tools together. (function(t,e,s,n){var o,a,c;t.SMCX=t.SMCX||[],e.getElementById(n)||(o=e.getElementsByTagName(s),a=o[o.length-1],c=e.createElement(s),c.type="text/javascript",c.async=!0,c.id=n,c.src="https://widget.surveymonkey.com/collect/website/js/tRaiETqnLgj758hTBazgd...
Penetration Testing
Ecourse

Getting Started with Core Impact

Get up and running quickly with this training series designed to provide you with an overview of the Core Impact penetration testing software interface and functionality. ...
Penetration Testing
Getting Inside the Mind of An Attacker Part One Thumbnail
Blog

Getting Inside the Mind of an Attacker: Why Active Directories Are Popular Targets

Mon, 08/10/2020
Authored by: Julio Sanchez In today’s world, with the perpetual threat of breaches always looming, what’s the best way to ensure your organization stays safe? Oftentimes, the best security measure against cyber-attacks is to think like an attacker. When viewing things in this light, it’s immediately clear what makes for a prized gem within your infrastructure: Active Directory. Though such an...
Penetration Testing
Ecourse

Core Impact Training in 20 Minutes

Our training courses are designed to help our customers get the most out of Core Impact’s powerful features and maximize their return on investment. This training series is designed for both new and experienced users and covers the most common topics from customers. Each course is only 20 minutes, designed to help increase confidence in the platform. ...
Penetration Testing
How to Select the Right Third-Party Pen Testing Service
Blog

How to Select the Right Third-Party Pen Testing Service

Wed, 07/29/2020
As both cybersecurity breaches and compliance mandates increase, third-party pen testing services are no longer seen as optional. These teams specialize in ethical hacking that gives organizations insight into possible security weaknesses and attack vectors in their IT environment. Being in such high demand, more and more testing services are emerging, presenting businesses with a new challenge of...
Penetration Testing
Video

Reducing Risk With Penetration Testing

Tue, 07/28/2020
Though cybersecurity defenses are increasingly sophisticated, threat actors have also become more creative in order to achieve their end goals. They continue to find new ways to use the technologies most integral to businesses – mobile devices, computers, servers, websites, wifi, and email – as entry points to breach networks for malicious purposes. What more can be done to reduce the risk of...
Penetration Testing
What’s the Difference Between IAM, IGA, and PAM?
Blog

What’s the Difference Between IAM, IGA, and PAM?

Fri, 07/24/2020
The identity security landscape has transformed considerably within the last two decades. And for good reason. Mitigating identity-related access risks has become essential as companies face threats every day, from virtually everywhere. The focus on managing the access of people, digital identities, and privileged accounts has increased significantly to address these risks, and has put Identity...
PAM
IGA
IAM
Security Compliance
Blog

Guest Post- Alex Naveira, Director, ITGA & CISO on Compliance

Tue, 07/21/2020
Guest Post- Alex Naveira, Director, ITGA & CISO on Compliance To continue this month's conversation on compliance, we have another special guest joining us on the blog today. Alex Naveira is the Director, ITGA & CISO at Miami Children's Hospital and oversees multiple locations. We asked Alex what compliance meant to him and he had a list of different kinds of compliance and said "which one?"...
IGA
health-care-identity-governance-doctor-with-ipad
Blog

Healthcare Identity Governance in the Era of COVID-19: Five Critical Issues Your Organization Can’t Afford to Overlook

Wed, 07/15/2020
The impact of COVID-19 has been far-reaching across nearly every sector. But none has been so greatly disrupted as the healthcare industry. Managing through this crisis has required healthcare systems to expand some aspects of their workforce and redeploy others virtually overnight in order to transform the way they offer services to patients. Redeploying resources, leveraging a mobile workforce,...
IGA
Performance gears
Blog

The Truth About Pen Testing Automation

Mon, 07/13/2020
With cybersecurity attacks perpetually on the rise, security teams are under more pressure than ever. While pen testing can help these teams by finding vulnerabilities before adversaries can, even pen testing comes with its challenges. A skills shortage, new and expanding regulations requiring testing, and other critical daily security duties increasingly leave cybersecurity professionals...
Penetration Testing
Getting Inside the Mind of an Attacker: Going Beyond the Exploitation of Software Vulnerabilities
Video

Getting Inside the Mind of an Attacker: Going Beyond the Exploitation of Software Vulnerabilities

Tue, 07/07/2020
When evaluating potential risks to an organization, the human factor is one of most dynamic and crucial elements to consider. An attacker can take advantage of security pitfalls introduced by humans, gaining access and even escalating privileges. Anyone from a regular user to an IT admin can make simple but critical errors that allow a threat actor to enter your organization’s network. In this...
Data Security
Video

Top Reasons to Move from Syslog to a SIEM

Tue, 06/23/2020
Your security team is perpetually busy protecting your organization’s data. But they can often be overwhelmed with tasks related to security events from a constantly pinging syslog. SIEM—or security information and event management—software can help IT teams get a streamlined view of activity and potential concerns. Differentiating “event data” from “log data,” as they are related to SIEM, is...
SIEM
pen testing for a remote workforce
Blog

The Importance of Penetration Testing for a Remote Workforce

Mon, 06/22/2020
As we continue to adapt in these unprecedented times, many workplaces have remained fully remote. In fact, some organizations have seen enough benefits from remote work that they are planning a permanent shift away from a traditional office environment, instead having their workforce either partially or fully remote. Whether temporary or permanent, remote work has been a large adjustment for...
Penetration Testing
IT Security
Video

Closing the Gap on Access Risk

Fri, 06/12/2020
Access-related risks represent one of the biggest obstacles organizations must address in a complex threat landscape—and they are lurking everywhere. Whether from changes in the business, like hiring, promotions, or transfers, from business growth and transformation, including M&A activity, corporate reorganizations, or new product introductions, from infrastructure changes, like new platforms,...
IGA
Article

Reversing & Exploiting with Free Tools: Part 5

In part four, we performed an analysis of stacks three and four with exercises on testing bad characters. In this next part, we will complete our analysis of Stack4 using IDA Free. In subsequent parts, we’ll complete ABOS exercises that delve deeper into the use of the different tools. Those exercises are located in the ABOS Folder and will challenge us to open and run a calculator, notepad, or...