Journey of Learning: Server-Side Template Injection
Welcome to my journey of learning. This series is about my preparation for the OSCP exam. More specifically this series is about how I use the things I am learning for my CTF hobby in my role on the Data Analytics team here at Set Solutions. If you would like to know more about how this got ...
Continue ReadingReady, Set, Secure Episode 26
Click Here to listen to the latest episode! There’s an easier way to build Splunk dashboards, and Service Delivery Manager Chuck Brown is here to help! This week on the podcast Michael and Hutch walk through Chucks latest demo and learn how the new cPanel feature can help optimize your ...
Continue ReadingOne Does Not Simply Hack APIs… Actually, One Probably Does Part 2
If you were searching for epic Lord of the Rings materials and came across this blog post, make sure you read the first installment before continuing on your journey. Repeating the Geek Alert Like I said in the first installment of this two-part series, be warned that this post contains ...
Continue ReadingReady, Set, Secure Episode 25
Click Here to listen to the latest episode! Up next in our Cybersecurity Influencer series we have the Co-Founder of the Security BSides Conference, Co-Host of the Security Voices podcast, and Tenable Community Advocate Jack Daniel! This week Michael and Hutch chat with Jack about how BSides came ...
Continue ReadingBest Practices and Effective Vulnerability Management Strategy
Vulnerabilities are a fact of life. It’s an imperfect world. There is simply no way to avoid them. Fortunately, vulnerabilities can be detected, and resolved or mitigated to remove or limit the risk they present. The goal is not to try and achieve a world with zero vulnerabilities—the goal is ...
Continue ReadingIdentity is Not the New Perimeter!
A few years ago, we all were bombarded by marketing campaigns from identity management (IDM) software vendors stating that the “Identity is the new Perimeter.” While that sounds good and sells well to CISOs and CIOs, it is a little simplistic and misleading. I believe that identity is just a ...
Continue ReadingA Journey of Learning: Introduction
I have spent a lot of time around security professionals, but I am not sure that I would consider myself one of them. Maybe a better way to say that is that I am a not traditional security professional. In a field as diverse as information security, maybe the idea of a traditional security ...
Continue ReadingReady, Set, Secure Episode 24
Click here for the latest episode! Join Michael and Nick as they meet with Application Security pioneer Dan Kuykendall to discuss the history of the practice and what he predicts this field will see in the future. Things Mentioned: ...
Continue ReadingReady, Set, Secure Episode 23
Click here for the latest episode! Senior Security Consultant Greg Porterfield joins Michael and Nick to discuss his upcoming series on combining his expertise in Data Analytics and his new found interest in penetration testing. Things Mentioned: · ...
Continue ReadingReady, Set, Secure Episode 22
Click here for the latest episode! Our hosts got some one on one time with Dr. Anton Chuvakin of Google Cloud to discuss his latest post on Context in Threat Detection. Things Mentioned: ...
Continue Reading