by Roman Faynberg | Apr 12, 2021 | Exploits, Featured, News, Techniques
You might have taken all the right steps to secure a corporate Windows workstation: your users are not running as local admins, endpoint protection is in place, service ACLs and file permissions are locked down, etc. Yet there is still a frequently overlooked...
by Brad Dixon | Apr 6, 2021 | CarveFacts, Featured, News
You can view decrypted TLS connections in Wireshark by creating a key log file using mitmproxy: Set an environment variable to point to the desired location to record the TLS encryption keys: export SSLKEYLOGFILE=$PWD/keylogfile.txt.Then start mitmproxy and proxy your...
by Jeremy Allen | Jan 11, 2021 | Featured, News, Strategy
This post is fundamentally about humans and how they achieve goals. It is about defeating our tendencies when solving hard problems and pushing the boundaries of our performance. I call it the Universal Principle of Smoothness, but it is really about the fundamental...
by Mike Zusman | Jan 11, 2021 | Digital Transformation, Featured, News, Strategy, Threat Modelling
Do you know what your organization’s attack surface is? Attack surface is everything that a bad person (aka “attacker”) can interact with or touch. Your organization’s attack surface consists of PIA: People, Infrastructure and Applications. By considering the...
by Mike Zusman | Jan 7, 2021 | Digital Transformation, Featured, News, Strategy, Techniques, Threat Modelling
As a business leader, you are likely familiar with SWOT analysis. SWOT is a strategic planning exercise to help identify a business’s Strengths, Weaknesses, and Opportunities, as well as Threats jeopardizing it’s growth and existence. You are probably less familiar...
by Mike Zusman | May 13, 2020 | Cloud, Digital Transformation, Featured, News
Application Security, or AppSec, is a race between your business and bad actors. Whether you realize it or not, people and bots are constantly attacking and probing your Internet-facing and cloud hosted applications. In fact, it’s not uncommon to hear of...