Skip to content
PwnDefend
  • Base
  • Comms Room
    • Customer Feedback
    • Company Information
    • Security Management
  • Services
    • Consulting Services
      • Enterprise Security Posture Assessment
      • Cyber Security Assurance & Security Testing Services
      • IT Security Healthchecks
      • Active Directory Assessment Services
      • Managed Remediation Services
    • Emergency Cyber Incident Response Support
    • Our Success Stories
    • Partner Services
  • Blog
  • Privacy
Leadership

Supplier Assurance Tools

Do they replace the need for OSINT and Supplier engagement?

I’ve been conducting sales and assurance-based activities for some while (I’m not counting it will make me feel old!) and I have started looked at a range of supplier management tools which leverage tool-based OSINT, attack surface mapping and manual data inputs and I have to say this:

Read more “Supplier Assurance Tools” →

Leadership

Cyber Insurance: How would I decide to buy it…

Is Cyber Insurance right for you?

Wow a big question, right? I can’t answer this for you, obviously I’d recommend that you consider cyber insurance, however I’d also recommend that you:

  • Understand your business and it’s supply chain with regards to financials and linkages to cyber risk
  • Understand your current cyber asset, threat, vulnerability and therefore risk landscape
  • Ensure you have a good understanding to make informed decisions

I’m not going to write lots this evening on the subject, but I was reviewing a report and thought in line with some research that I started recently (but was side-tracked) and then have seen the report so purchased that instead! (Sometimes it’s easier to not do everything yourself right!)

Read more “Cyber Insurance: How would I decide to buy it or not?” →
Leadership

Vulnerability Management Concerns by Role Type

Have you ever thought about what kind of data/intelligence you may need with regards to vulnerability management? It tends to vary at levels of abstraction based on the audiance, but don’t think the person doing the patching may not be considernig upwards or that someone in a C level position won’t care about the zeros and ones (life doesn’t work that way!)

Anyway I was talking to a friend and came up with these so thought I’d share them with the world. Have I done a decent job? can you think of others? How do you measure and report? What are your concerns?

Let’s take a look at what I came up with (this wasn’t a very long time in the making 😉 )

Read more “Vulnerability Management Concerns by Role Type” →
Guides

How to use Putty as a SOCKS Proxy

Ever stuck in an environment where your internet access isn’t what you want it to be? Ever need to exfilrate data and bypass some DLP? Obviously I’m talking like a pentester (don’t use this if it beaks policies on anohers assets) so this is useful for some scenarios in testing but also in real life!

Read more “How to use Putty as a SOCKS Proxy” →
Education

Infrastructure Penetration Testing Realities

Penetration testing is just like being a cybercriminal, right?

Honestly, it feels weird writing this, however I feel there’s a real issue with penetration testing and some myths that (for understandable and obvious reasons) exist in some people’s minds. So I’ve taken to trying to explain to people what an external penetration test actually entails in the real world of business. So here goes!

Read more “Infrastructure Penetration Testing Realities” →
Leadership

UK NCSC Active Cyber Defence (ACD)

Defending a single server is often far more complex than people apreciate, defending a single organisation is significantly harder than a single server, defending a country… a much more complex challenge than I think people actually realise.

What is ACD?

According to the NCSC:

The aim of ACD is to “Protect the majority of people in the UK from the majority of the harm caused by the majority of the cyber attacks the majority of the time.” We do this through a wide range of mechanisms, which at their core have the ability to provide protection at scale. 

ACD is intended to tackle the high-volume commodity attacks that affect people’s everyday lives, rather than the highly sophisticated and targeted attacks, which NCSC deal with in other ways.

UK NCSC
NCSC Active Cyber Defence

What is included?

The UK NCSC offer and run a range of Active Cyber Defence capabilities which include the following:

Read more “UK NCSC Active Cyber Defence (ACD)” →
Defence

Offensive KEV Alpha 0.1

Working out what exploits to care about is a tough job, kill chains, availability of exploits, complexity, data flows, controls etc. all play a part in understanding a vulnerability and how it affects your organisational risk. To support this effort I’ve started to compile a list of public exploits against CISA Known Exploited Vulnerabilities (KEV). This may be useful for defensive and offensive security pros.

Read more “Offensive KEV Alpha 0.1” →
Education

Security Awareness Training Example

Introduction

There are tons of “products” for security awarenss training, however you might find that sitting and watching canned CBT videos isn’t your organisations thing or perhaps you want to see what other options there are available. Well for starts the UK NCSC has some free online security awarenss training (see further down the post), or you may want to actually spend time with your staff to make the learning a collaboarive experiance that drives engagement and communication. If the last one if your desired approach there are lots of ways to do this. One of which can be supported by a question based assessment, other ways include tabletop scenarios and incident simulations (i honestly would go with a blended appraoch if it was me!).

So to help people get thinking about this I’ve put together some example questions to drive the message about incident reporting, collaboration and education vs blame. So here we go, here’s some ideas for communication and some questions to get staff thinking about cyber security, sure they aren’t rocket science, but then it doesn’t need to be!

Read more “Security Awareness Training Example” →
Education

Common Windows Services

Exploitation of common windows services is an important area of knowledge for both offense and defence.

  • Server Message Block (SMB)
  • Remote Desktop Protocol (RDP)
  • Windows Management Instrumentation (WMI)
  • Windows Remote Management (WinRM)
  • File Transfer Protocol (FTP)

Other common technology platforms in the Windows Stack Include

  • Active Directory Domain Services (ADDS)
  • Active Directory Certificate Services (ADCS)
  • Internet Information Services (IIS)
  • Microsoft SQL Server (MSSQL)

For now I’m just going to look at a few of the common protocols and vectors.

Read more “Common Windows Services” →
Leadership

Board Level Security Metrics

Everyone always asks what are the best security metrics to have? The answer is simple to me, use metrics that are valuable to your business governance and decision-making processes! Easy right.

Not so easy in real life right!

Read more “Board Level Security Metrics” →

Posts navigation

1 2 3 4

Recent Posts

  • Microsoft Outlook Elevation of Privilege Vulnerability (CVE-2023-23397)
  • The Long Game: Persistent Hash Theft
  • The Hacker on a Train
  • Adopting an Attacker Mindset to Defend Healthcare
  • Caught: A Hacker Adventure

Recent Comments

No comments to show.

Archives

  • March 2023
  • February 2023
  • January 2023
  • December 2022
  • November 2022
  • October 2022
  • September 2022
  • August 2022
  • July 2022
  • June 2022
  • May 2022
  • April 2022
  • March 2022
  • February 2022
  • January 2022
  • December 2021
  • November 2021
  • October 2021
  • September 2021
  • August 2021
  • July 2021
  • May 2021
  • April 2021
  • March 2021
  • February 2021
  • January 2021
  • December 2020
  • November 2020
  • October 2020
  • September 2020
  • August 2020
  • July 2020
  • March 2020
  • February 2020
  • January 2020
  • October 2019
  • May 2019
  • April 2019
  • March 2019
  • February 2019
  • January 2019
  • December 2018
  • October 2018
  • September 2018
  • August 2018
  • July 2018

Categories

  • Architecture
  • Breach
  • Company News
  • CTF
  • Defence
  • Defense
  • Education
  • Fiction
  • Getting into Cyber
  • Guides
  • Hacking
  • IOT
  • Leadership
  • News
  • OSINT
  • Reviews
  • Strategy
  • Threat Intel
  • Uncategorized
  • Vulnerabilities
Copyright (c) Xservus Limited