Making EDR Work for PCI

The Endpoint Detection & Response (EDR) and Advanced Threat Protection (ATP) marketplace is abuzz with products that blur the lines of personal firewall, host-based intrusion detection system (IDS) and intrusion prevention system (IPS), anti-virus, system logging, and file integrity monitoring (FIM). These solutions are centrally managed from your web browser and include advanced dashboards for…

The post Making EDR Work for PCI appeared first on TrustedSec.

Fuzzing the Front End!

So, who is testing the client-side components of Single Page Applications (SPAs)? What are you doing exactly, dropping a few cross-site scripting (XSS) polyglots into boxes like you used to do with “<ScRiPt>alert(123)</sCrIpT>” for traditional apps back in 2001?  Are you mostly holding out hope that all big problems will be in the back-end APIs?…

SMS Phish – An Incident Walkthrough

Opener The goal of this blog post is to provide an approach to analyzing a text-based phish link. I will primarily focus on the initial steps to properly view the phish site from a non-mobile browser, provide OPSEC setup and browsing analysis recommendations, and conclude with defense measures to protect against such attacks. Analysis Background…

Red Teaming With Cobalt Strike – Not So Obvious Features

Since beginning work as a red teamer almost two years ago, I’ve had to learn a lot of new information and tooling. I had never worked with Cobalt Strike before and there were features not obvious to me until I had used it for a while and gained some experience with it. This post will…

Become The Malware Analyst Series: PowerShell Obfuscation Shellcode

In this second installment of the “Become a Malware Analyst Series,” Principal Incident Response & Research Consultant Scott Nusbaum focuses on PowerShell obfuscation by analyzing a PowerShell sample that was identified during an…

From The Desk of the CEO: Adam Chester Joins TrustedSec as Senior Security Consultant

Today is an exciting day at TrustedSec! It’s not often that we get to announce the addition of a world-class Red Teaming and InfoSec researcher, but today happens to be one of those days. We’re officially announcing that Adam Chester is joining TrustedSec as a Senior Security Consultant on our Red Team. With Adam’s addition…

From the Desk of the CEO: Eric Girard Joins TrustedSec as Chief Operating Officer

I’m proud to announce an addition to the TrustedSec leadership team – Eric Girard has joined us as the Chief Operating Officer! As TrustedSec continues to grow, I believe that having the right person focused on the company’s vision and innovation is crucial for our continued success. As COO, Girard will provide the leadership, management,…

A Discussion on Serverless Application Vulnerabilities

The main advantage of utilizing serverless architecture, such as Amazon Web Services (AWS), is that it is a great way to build applications without having to manage the infrastructure. The provider will provision, scale, and maintain the servers to run applications, databases, and storage systems. Naturally, this offloads the risk of server-side insecurities to the…

The Updated Security Pro’s Guide to MDM, MAM, and BYOD

Bring your own device (BYOD) is an accepted convention, most commonly for mobile devices, in corporate environments. Even company-owned devices are treated by employees as personal devices and are often incorporated into the environment in the same way that employee-owned devices are. Our job in information security is to ensure that the business initiatives like…

From the Desk of the CEO: Jeremy Wolff Joins TrustedSec as Managing Director of Advisory

Today I’m proud to announce the hiring of Jeremy Wolff to run the Advisory Team at TrustedSec. As we see the security industry change, we also make our own internal adjustments to allow us to shift our business to match the needs of our customers. Bringing on Wolff is a direct response to new needs…
