May 24, 2017 | Posted in PRESS RELEASE
"Things were going well for six-year-old cybersecurity firm Security Risk Advisors as a virtual company with no official HQ, said managing director Tim Wainwright.
And yet Monday night, with a visit from Commerce Director Harold Epps and Councilman De… Continue Reading
April 13, 2017 | Posted in Red Teams by Garrett Fails
What is Apache Struts?
Apache Struts (Struts) is an open-source framework used to create Java web applications. The great thing about Struts is that it allows developers to build powerful web applications using a well-established, portable language. … Continue Reading
On an engagement last year, we were asked to perform a security review of several “HR kiosks” at various locations. These particular kiosks were located within manufacturing facilities and allowed employees without company assets to access … Continue Reading
April 3, 2017 | Posted in Red Teams by Chris Salerno, Dan Astor, Chris Myers
Presented at BSides New Orleans, April 1, 2017
A few years ago all you needed was a 4 port switch and Kali VM to reliably bypass most controls and have domain admin in a few hours. Defenses and networks have improved and so should your red team arsena… Continue Reading
January 5, 2017 | Posted in Purple Teams by Chris Salerno
The Way It Was
The concept of purple teaming is not new. We’ve been doing it for years; it was just disjointed and we didn’t call it “purple” or “red and blue”. Instead, the red team “broke in” (usually walked in), perused the aisles, took what they… Continue Reading