Bash Tips and Tricks

I know I definitely identify with being a visual learner, and I am happy to help where I can with creating content for the security/sysadmin (system administrator) field. So, I am proud to announce that we have started a series about Bash Tricks and Tips on our YouTube channel, which will talk about interesting nuances …

Bash Tips and Tricks Read More »

Waving the White Flag: Why InfoSec should stop caring about HTTPOnly

As a company that is constantly working with our penetration testing clients on understanding where they should focus their efforts, qualifying risk is second-nature to us. On one hand, we never want to undersell a risk, and have a client accept that risk based on an improperly informed position. On the other hand, I think …

Waving the White Flag: Why InfoSec should stop caring about HTTPOnly Read More »

Proxying HTTPS Traffic with Burp Suite

This is easy to fix. All we need to do is tell our browser that the Burp CA can be trusted. Because every new installation of Burp generates a different CA, this doesn’t create a risk of somebody else intercepting your traffic surreptitiously with their Burp instance. The actual steps to perform this vary slightly by operating system.

Einstein Told Us: Why User Awareness is NOT the right focus

“The definition of insanity is doing the same thing over and over again and expecting different results.” – Einstein (Well, not really!) Every day we hear another reason why user awareness (or better-named security awareness) is critical. We hear an announcement of another breach or social engineering attack. And then we get asked why security …

Einstein Told Us: Why User Awareness is NOT the right focus Read More »

Cooking up Better Security Incident Communications

I am fond of meal kits. I enjoy the entire experience: the scrolling through delicious-looking meal descriptions, the excitement of receiving a package full of ingredients, the smells while learning how to make the recipe, and of course tasting that first bite of the new things you created with your own hands. I have not …

Cooking up Better Security Incident Communications Read More »

Scroll to Top