Realistic Threat

How To Scope a Penetration Test (The Right Way)

By |2020-08-31T15:34:54-04:00August 27th, 2020|

How to Define the Scope of Your Next Pentest Engagement One of the most important factors in the success of a penetration test is its scope.  Scope limitations are an understandable and even common desire.  However, they can make the results of a pentest worse [...]

Hacking casinos with zeroday exploits

By |2020-04-07T12:22:22-04:00November 29th, 2016|

Most popular email programs like Microsoft Outlook, Apple Mail, Thunderbird, etc. have a convenient feature that enables them to remember the email addresses of people that have been emailed.  Without this feature people would need to recall email addresses from memory or copy and paste from [...]

Enemy of the state

By |2020-03-31T10:24:19-04:00January 25th, 2016|

A case study in Penetration Testing We haven’t been blogging as much as usual largely because we’ve been busy hacking things.   So, we figured that we’d make it up to our readers by posting an article about one of our recent engagements. This is a story [...]

The Truth About Breaching Retail Networks

By |2020-03-31T10:26:03-04:00September 11th, 2014|

How we breached a retail network using our manual penetration testing methodology We recently delivered an Advanced Persistent Threat  (APT) Penetration Test to one of our customers. People who know us know that when we say APT we’re not just using buzz words.  Our APT services [...]

What you don’t know about compliance…

By |2020-03-31T10:26:14-04:00August 1st, 2014|

People are always mystified by how hackers break into major networks like Target, Hannaford, Sony, (government networks included), etc.  They always seem to be under the impression that hackers have some elite level of skill.  The truth is that it doesn’t take any skill to break [...]

How to Price a Penetration Test

By |2020-09-15T23:47:48-04:00October 8th, 2013|

This video provides and overview of the two most common methodologies for pricing a penetration test. How Much Should You Spend On Penetration Testing Services The most common question asked is "how much will it cost for you to deliver a penetration test to us?". Rather [...]

Comments Off on How to Price a Penetration Test

Whistleblower Series – The real problem with China isn’t China, its you.

By |2020-03-31T10:27:14-04:00June 10th, 2013|

Terms like China, APT and Zero-Day are synonymous with Fear, Uncertainty and Doubt (FUD).  The trouble is that, in our opinion anyway, these terms and respective news articles detract from the actual problem.  For example, in 2011 only 0.12% of compromises were attributed to zero-day exploitation [...]

Comments Off on Whistleblower Series – The real problem with China isn’t China, its you.