| | service | 7 minutes read (About 1110 words)
Pentest

Five Benefits of Penetration Testing

Do you want to be sure that your company infrastructure remains resilient to sophisticated attacks? With all the bold claims security devices and tools make today, it’s easy to assume that your infrastructure is impenetrable. However, even companies with the best security practices perform regular penetration tests to ensure their environment holds up against real-world attacks.

Pensive Security offers cutting-edge penetration testing to ensure applications, networks, and cloud infrastructures can handle complex and creative attacks from hackers trying to get into your systems. We regularly carry out pentests for companies of all sizes and ensure that your security controls are present and working as intended. We use a team of certified professionals and provide comprehensive reports that make it straightforward for teams to make needed changes to your security systems.

Not sure what penetration testing is all about? This article will delve into the five key benefits of penetration testing and why you might need it for your company.

Read More

| | roundup | 6 minutes read (About 969 words)
May 2021 Roundup

May 2021: Cybersecurity Roundup

The previous month in cybersecurity:

  1. The Colonial Pipeline Attack Sends People into a Panic
  2. President Biden Strengthens Cybersecurity Protocols
  3. CISA and the FBI Release Joint Cybersecurity Advisory
  4. Microsoft Launches Asia-Pacific Public Sector Cybersecurity Executive Council
  5. The World’s Largest Meat Producer Is Attacked

Read More

| | roundup | 5 minutes read (About 782 words)
April 2021 Roundup

April 2021: Cybersecurity Roundup

This past month in cybersecurity:

  1. What the FLoC, Google? How Google is Developing New and Exciting Ways To Track You
  2. Apple Introduces AirTags
  3. Coinbase Went Public
  4. AT&T Launches New Managed Endpoint
  5. Biden Administration’s Cybersecurity Roadmap

Read More

| | roundup | 5 minutes read (About 727 words)
March 2021 Roundup

March 2021: Cybersecurity Roundup

This past month in cybersecurity:

  1. Cyberattack Disrupts Molson Coors Operations and Production
  2. $2B of COVID-19 Relief Package Reserved for Cybersecurity and Tech
  3. Google Revealed How Much Personal Data They Collect in Chrome and Google iOS Apps
  4. Ubiquiti Accused of Covering Up Huge Data Breach
  5. IRS Warns of Phishing Scams Targeting Colleges and Universities

Read More

| | service | 9 minutes read (About 1329 words)
Mobile Pentest (Image Adapted from OWASP MATG)

What Is Mobile App Security Testing?

Mobile devices accounted for 52.6% (Statista, 2019) of Internet traffic in 2019. With 5G technology emerging, this is predicted to increase fivefold by the end of 2024 (https://www.ericsson.com/en/5g/what-is-5g).

Mobile applications are becoming ever more prevalent in our daily lives, and many services are moving to a mobile-first strategy.

Read More

| | roundup | 5 minutes read (About 820 words)
January 2021 Roundup

February 2021: Cybersecurity Roundup

This past month in cybersecurity:

  1. Mysterious ‘Silver Sparrow’ Malware on Macs
  2. Myanmar Draft Cybersecurity Law
  3. Kia Motors $20 Million Ransomware Attack
  4. Kroger Data Breach
  5. Malicious Firefox Extension ‘FriarFox’

Read More

| | service | 8 minutes read (About 1140 words)
OWASP ASVS

OWASP Application Security Verification Standard (ASVS)

Over the years, we’ve had multiple clients come to us and mention that they had a previous “penetration test” or “vulnerability assessment” performed only to receive a report containing only vulnerability scanner results, like OpenVas or Nessus.

While those reports are undoubtedly useful, they don’t replace the depth and coverage that a high-quality penetration test or vulnerability assessment provides.

To help standardize application security testing, OWASP has created a standard called ASVS (Application Security Verification Standard).

Read More

| | tutorial | 4 minutes read (About 563 words)
Mailchimp Subscribe Modal

Add Mailchimp Subscribe Modal to your Hexo Blog

If you use Hexo for your blog, you know how easy it is to create a beautiful and user-friendly experience for your followers. Even better, Hexo is entirely open-source, which means you are free to customize the code to work best for your needs.

We’ve known for a while that we need a clean way for new visitors to subscribe to our blog. We put it off because we imagined a significant design and implementation effort to integrate it into our MailChimp email list.

Bri loves tinkering with open-source code, and she recently discovered a straight-forward way to modify our Hexo theme (Minos) and allow new visitors to subscribe to our mailing list.

Ready to add this functionality to your blog? Read on!

Read More

| | roundup | 4 minutes read (About 535 words)
January 2021 Roundup

January 2021: Cybersecurity Roundup

This past month in cybersecurity:

  1. FireEye Released Technical Details Related to SolarWinds
  2. FBI Seizes NetWalker Ransomware
  3. Emotet Malware Network Dismantled By Police
  4. New Zealand Central Bank Suffered Data Breach
  5. Mimecast Products used to Spy on Customers

Read More

| | tutorial | 3 minutes read (About 458 words)
Cit0day Breach Detection

Quick Summary

Cit0day had a massive data breach in November 2020, which leaked credentials for over twenty thousand websites. It is more complicated than usual to determine which credentials you need to change because there were so many websites involved in the breach.

You can use a tool we created to check which domains you need to change your password for.

Just navigate to the following link and follow the instructions:

https://passcheck.pensivesecurity.io

Read More

Your browser is out-of-date!

Update your browser to view this website correctly. Update my browser now

×