What’s in a Penetration Test? Penetration testing has become a standard requirement for the majority of our clients, and there are myriad factors that go into a successful penetration testing engagement for both the client and the evaluator. Let’s take a look at what commonly comprises a penetration test, and the related testing actions that are performed. External Penetration Testing This is generally the type of test people think of when they hear about a Penetration Test. An External Penetration Test is a simulated cyber-attack launched against the target institution and may include both technical and social engineering methods. The [...]
About Daniel SheridanThis author has not yet filled in any details.
So far Daniel Sheridan has created 2 blog entries.
50 Shades of Administration During our work, both our auditors and engineers have noticed a common issue our clients large and small have – overly permissive administration accounts. Many times, we see all IT users given a Domain Admin account, from the greenest helpdesk tech, to the person overseeing the network. Microsoft’s Active Directory has a couple of different ways to grant rights to a user, group, or organizational unit, allowing the target the ability to perform certain tasks without giving them the keys to the kingdom. Here are just a couple simple examples. In the Springfield.local domain, Lisa Simpson [...]