Network monitoring with nmap

Network monitoring with nmap

Asset management is a problem we help many of our customers with. What are an organization’s assets, and how accurate and up-to-date is this information? Even with a mature asset management program, organizations want some form of validation of their result....
Intro To Inzure: New Tool for Azure Deployments

Intro To Inzure: New Tool for Azure Deployments

By Danny Rosseau Cloud providers have a wide variety of different predesigned service offerings, but they’re intended to be created and used quickly and easily, sometimes to the detriment of having secure configurations by default. It can be confusing for...
Manipulating APIs for Security Test Automation

Manipulating APIs for Security Test Automation

We perform application-level security assessments of APIs quite frequently. About a year ago I was working on a project with a large REST API. Roughly 1,300 routes implemented across dozens of micro-services with a very complex role based authorization framework....

Android 7 Cellular MiTM

Performing security assessments of complex systems sometimes requires some technical gymnastics to “man-in-the-middle” (MITM) communications between components. MITM techniques are essential for observing and manipulating communications in ways that a...