Cyber Security Resources
Whitepapers
Improve your cybersecurity by reading our whitepapers and learning from our experts
Labs
Take a look at our tools, presentations, and policies
Universal Principle of Smoothness
This post is fundamentally about humans and how they achieve goals. It is about defeating our tendencies when solving hard problems and pushing the boundaries of our performance. I call it the Universal Principle of Smoothness, but it is really about the fundamental aspects of any endeavor. It is...
An Easy Cybersecurity Model for Busy Execs
Do you know what your organization's attack surface is? Attack surface is everything that a bad person (aka “attacker”) can interact with or touch. Your organization’s attack surface consists of PIA: People, Infrastructure and Applications. By considering the security of your own PIA,...
Cybersecurity Threat Modeling for Business Leaders
As a business leader, you are likely familiar with SWOT analysis. SWOT is a strategic planning exercise to help identify a business’s Strengths, Weaknesses, and Opportunities, as well as Threats jeopardizing it’s growth and existence. You are probably less familiar with Threat Modeling: a...
5 Ways to Increase Pen Testing ROI
Carve COO Max Sobell presenting on "Shifting Security Left" at Giphy HQ. Many a CTO and VP of Engineering has begrudgingly spent money on penetration tests in order to make their enterprise customers or auditors happy. You know how it goes: your team works hard to build a functional product, and...
Security is a Long Distance Event
Twenty-five miles and seven hours into my first 50 mile trail running race, I told myself there are only twenty-five miles and seven hours to go. It should be simple - just keep going, right? This was my mindset a year into taking up running at my first Leadville Silver Rush 50 run. The idea was...
WASM Security Assessment Techniques
Do we have a problem? The World Wide Web have been struggling with how to create portable, efficient and safe programs (pick two) for decades. The current best of breed attempt is called WebAssembly and is affectionately referred to as "WASM". The project defines WASM broadly as: WebAssembly...
Stay Connected
Stay on top of the latest in cybersecurity tools, news, and opinion with @carvesystems on social media! Check out our blog for cyber tips, tricks, and all things infosec.