by Ángel Suárez-Bárcena Martín | May 27, 2021 | AWS, Cloud, News, Techniques
Security is often a big concern when it comes to cloud computing. According to the Cloud Security Alliance (CSA), traditional security issues under the responsibility of cloud service providers (CSPs) are now less frequent, in contrast with those related to design,...
by Mike Zusman | May 20, 2021 | Featured, News, Strategy, Techniques
There are many different types of security assessment methodologies identified by cute color associations. Here are simple descriptions of the most popular to help you choose which approach is right for you. Your opinion on these descriptions may differ from mine, and...
by Roman Faynberg | Apr 12, 2021 | Exploits, Featured, News, Techniques
You might have taken all the right steps to secure a corporate Windows workstation: your users are not running as local admins, endpoint protection is in place, service ACLs and file permissions are locked down, etc. Yet there is still a frequently overlooked...
by Mike Zusman | Jan 7, 2021 | Digital Transformation, Featured, News, Strategy, Techniques, Threat Modelling
As a business leader, you are likely familiar with SWOT analysis. SWOT is a strategic planning exercise to help identify a business’s Strengths, Weaknesses, and Opportunities, as well as Threats jeopardizing it’s growth and existence. You are probably less familiar...
by Mike Zusman | Dec 28, 2020 | Cloud, Digital Transformation, IOT, Mobile, News, Techniques, Web
Carve COO Max Sobell presenting on “Shifting Security Left” at Giphy HQ. Many a CTO and VP of Engineering has begrudgingly spent money on penetration tests in order to make their enterprise customers or auditors happy. You know how it goes: your team...
by Meador Inge | Aug 3, 2020 | News, Techniques, Tools, Web
Do we have a problem? The World Wide Web have been struggling with how to create portable, efficient and safe programs (pick two) for decades. The current best of breed attempt is called WebAssembly and is affectionately referred to as “WASM”. The project...
