Author: Bethany Kozal

IoT, OT, & SCADA Security

Tales From the Road: When it comes to your SCADA Network: Segment. Segment. Segment.

   By: Bethany Kozal   06.13.23

How DirectDefense uncovered weaknesses in a municipality’s SCADA systems and a need for SCADA network segmentation A large municipality enlisted the services of DirectDefense to perform a Critical Infrastructure Assessment of the SCADA network controlling their water and electric services. During the SCADA assessments, our team identified several weaknesses that demonstrated the need for SCADA… Read more »

Cyber Attacks & Threat Trends

Tales From the Road: Minimize Third-Party Software Security Risks

   By: Bethany Kozal   05.09.23

How to Prevent Credential Stuffing with IPv6 Protocol Security Third-party software security risks are created when third-party vendor products lack security, giving attackers wide open access to your organization’s networks and databases. When a vendor has access to your network, including customer and corporate information, your own company’s security doesn’t cover all the gaps, so… Read more »

Asset Visibility & Risk Management

WATCH: Why Should CISOs Consider a MSSP and How Do You Choose the Right One?

   By: Bethany Kozal   05.05.23

Discover the Benefits of Partnering with an MSSP and Tips for Selecting the Right One for Your Organization A resilient cybersecurity strategy is essential to running your business while protecting against security threats and preventing data breaches. For CISOs, partnering with a managed service security provider (MSSP) means you can be in control of your… Read more »

Security Assessments & Testing

Tales From the Road: Oops, We Did it Again! Breaking the Bank During a Red Team Assessment

   By: Bethany Kozal   03.07.23

Plus: 10 Tips to Keep Your Organization Out of the Red A financial institution enlisted our services to perform a Red Team assessment – an effective approach to simulate a real-world threat actor attempting to compromise an organization from the outside in. Using an email phishing campaign combined with a physical breach, DirectDefense consultants uncovered… Read more »

Security Assessments & Testing

Tales From the Road: The Best Defense Against Injection Attacks is to Protect Your Legacy App

   By: Bethany Kozal   02.21.23

How DirectDefense accessed sensitive financial and personal data through injection vulnerabilities The best defense against injection attacks is to secure legacy applications by leveraging an app security assessment. Got a legacy app? Then listen up: Legacy applications can be particularly susceptible to injection attacks and organizations should take immediate action to remediate this vulnerability before… Read more »

Security Assessments & Testing

Tales From the Road: How DirectDefense Got a Free, Round Trip Ticket to an Airline’s Internal Network During a Physical Pen Test

   By: Bethany Kozal   02.14.23

Using Simulated Security Attacks to Test Network and Physical Vulnerabilities DirectDefense was asked by an airline to conduct security testing through simulated security attacks to help identify vulnerabilities that could put the airline’s data and operations at risk. As part of the engagement, DirectDefense: Spoiler Alert: Through effective tactics, like tailgating, we were able to… Read more »

Like what you’re seeing? Contact us today.

Get Started