
Tales From the Road: Who’s in the Driver’s Seat of Your Physical Security?
DirectDefense conducted a physical security test at a utility company and was able to have the run of the business – and a Tesla.
Successful mitigation of today’s security threats requires an approach that is both on the offensive and on the defensive. Here, we give our take on how to approach and handle specific security challenges, as well as our reaction to some of the latest industry topics.
DirectDefense assessed the security of MQTT traffic – the transfer of data to a SCADA system, ultimately controlling critical infrastructure.
Students will learn the fundamentals of DevOps and how DevOps teams can build and deliver secure software. In a time when the drive for technology efficiencies has left security in the dust, organizations focused on developing code are now starting to realize the true importance of what secure DevOps means. DevOps security or DevSecOps is…
Well-configured endpoint security is critical to protect against a ransomware attack or a security breach, and requires some extra attention.
Navigating the 5 Stages of Grief Following an Incident Response Event
Are you a victim of a data breach and are you feeling signs of grief? You’re not alone. As an incident response professional, I have met many different types of corporate staff, from the IT staff to the C-suite. Unfortunately, it was probably on…
Breaking Down Microsoft’s Response to the Lapsus$ Gang’s Social Engineering Compromise
Microsoft has done an excellent job in explaining the social engineering breach that originated against them from the Lapsus$ group. In their recent blog post, they detail the Lapsus$ attack and how access was obtained, as well as provide some decent recommendations to enhance…
It’s time to rethink your password policy to prevent modern password attacks. If you think your company’s policy of requiring passwords to have a minimum length of eight characters, in addition to other complexity requirements, is sufficient to effectively prevent modern password attacks, think again. Our client, a global corporation with business units in more…
Avoid these three pitfalls that are inherent to most SCADA systems that manage critical infrastructure. A multinational corporation enlisted the services of DirectDefense to perform a security assessment of the organization’s newly-developed battery energy storage control (BESS) that would enable the company’s vendors and integrators to manage the voltage and power output for massive batteries.…
Security company Qualys has uncovered a dangerous PolicyKit vulnerability. Learn how to remediate and patch Linux.
What PCI Compliance for Cloud Data Looks Like: Challenges and Maintenance
Moving to the Cloud is not as simple as “Just put it in the Cloud and we won’t have to do PCI.” The Cloud can reduce PCI Scope but it can also add to the complexity of maintaining PCI compliance. As we will discuss,…