Security Risk Advisors

Blog

"Things were going well for six-year-old cybersecurity firm Security Risk Advisors as a virtual company with no official HQ, said managing director Tim Wainwright.

And yet Monday night, with a visit from Commerce Director Harold Epps and Councilman De… Continue Reading

What is Apache Struts?

Apache Struts (Struts) is an open-source framework used to create Java web applications.  The great thing about Struts is that it allows developers to build powerful web applications using a well-established, portable language. … Continue Reading

SiteKiosk Breakout

April 4, 2017 | Posted in Red Teams by Dan Astor, Barrett Adams

Background

On an engagement last year, we were asked to perform a security review of several “HR kiosks” at various locations. These particular kiosks were located within manufacturing facilities and allowed employees without company assets to access … Continue Reading

Presented at BSides New Orleans, April 1, 2017

A few years ago all you needed was a 4 port switch and Kali VM to reliably bypass most controls and have domain admin in a few hours. Defenses and networks have improved and so should your red team arsena… Continue Reading

The Way It Was

The concept of purple teaming is not new.  We’ve been doing it for years; it was just disjointed and we didn’t call it “purple” or “red and blue”.  Instead, the red team “broke in” (usually walked in), perused the aisles, took what they… Continue Reading