Optiv Blog

Secure SDLC Lessons Learned: #5 Personnel

By Shawn Asmus

It’s no secret that finding and retaining dependable, well-trained application security professionals is a serious challenge, and has been for years. Part of the problem is that the breadth and depth of AppSec knowledge is rather astronomical; one could argue that it’s exponentially wider than network security and grows at a much faster rate. Based on what I’ve seen, teams tend to be perpetually short-staffed and undertrained.


From Low to p0wn (Part 2 of 3)

By Doug Rogahn

In the scenario, we focus on session management. The most common session management mechanism is a session cookie. We commonly see session cookies without the secure flag. Issues like weak SSL encryption ciphers, the presence of an invalid SSL certificate or missing the HTTP Strict Transport Security (HSTS) header weaken the security posture of the application and increase the likelihood of an attacker being able to intercept and view the application communications.


Escape and Evasion Egressing Restricted Networks

By Chris Patten, Tom Steele

A command kill chain consists of payload delivery, code execution on a target system, and establishing a command and control (C2) channel outside of a network. There are many ways to achieve each of these steps; for example, Microsoft Office Macro for delivery, PowerShell for code execution and HTTP as a transport for C2.


Tactics, Techniques and Procedures (TTPs) Within Cyber Threat Intelligence

By Ken Dunham

TTPs is a great acronym that many are starting to hear about within cyber security teams but few know and understand how to use it properly within a cyber threat intelligence solution. Tactics, techniques and procedures (TTPs) get at how threat agents (the bad guys) orchestrate and manage attacks. “Tactics” is also sometimes called “tools” in the acronym.


New NIST Cyber Recovery Guide, What’s Your Plan?

By Kevin Hiltpold

The adversaries trying to breach your cyber defenses have a plan, do you? A few weeks ago, the National Institute of Standards and Technology (NIST) released their Guide for Cybersecurity Event Recovery. The guide includes topics contained in a typical recovery plan and really boils down to documentation, communication and practice.


Information vs. Cyber Threat Intelligence

By Ken Dunham

Cyber threat intelligence should always enable decision making and action, but what good is a cyber threat intelligence program if you take no action or it simply makes you do more work? One Optiv client said it best when he stated, “Actionability shouldn’t mean I have to do more work.” Sadly, in our current Information Age, we are drowning in data.


Top 20 CIS Critical Security Controls (CSC) Through the Eyes of a Hacker – CSC 17

By Jackson Byam

For all functional roles in the organization prioritizing those mission critical to the business and its security, identify the specific knowledge, skills, and abilities needed to support defense of the enterprise; develop and execute an integrated plan to assess, identify gaps, and remediate through policy, organizational planning, training, and awareness programs.


Is an Effective Vulnerability Management Program in Your Future?

By John Ventura

The sad truth about penetration tests is that they are almost always successful in demonstrating dramatic security events. Even junior assessors can go from minimal access, below the level of most employees, and gain administrative domain credentials for an internal corporate network.


Top 20 CIS Critical Security Controls (CSC) Through the Eyes of a Hacker – CSC 16

By Adam Schindelar

Actively manage the lifecycle of system and application accounts – their creation, use, dormancy, deletion – in order to minimize opportunities for attackers to leverage them.


Top 20 CIS Critical Security Controls (CSC) Through the Eyes of a Hacker – CSC 15

By Steven Darracott

The processes and tools used to track, control, prevent and correct the security use of wireless local area networks (LANs), access points and wireless client systems.
