Establishing a beachhead is an important objective during many of our security assessments. To gain further access into an environment we need to get access to an Internet facing system, which can then be used to pivot into the network. The walkthrough below is a real life example, taken from one of our projects
During the ongoing COVID-19 outbreak many security professionals have by necessity been operating tactically & in response mode, trying to identify and mitigate the security risks of organisations that have had to move rapidly to remote working.
While some organizations are halting their use of Zoom due to security concerns and alerts that come on a seemingly daily basis; in some cases it might be the only option for some people and is still an immensely popular solution for remote meetings.
In one of my past lives, before cyber security came along, I was a hostage negotiator. To give you an idea of just how long ago, during my training we were negotiating (through an interpreter) with “terrorists” who were holding “hostages” in a (very real) airliner, surrounded by (also very real) armed police, parked just off one of the (very busy) runways at London’s Heathrow Airport.
Davin and Mike speak with John Quigg, advisor for OccamSec and Senior Advisor at Spurrier Capital Partners. The trio talk about supply chain, previous major breaches, and how to marry IT and Operations teams to make effective changes.
Mike and Davin are joined by John Kindervag, creator of Zero Trust for the Season 2 Premiere of Burned by the Firewall! The trio discuss how Zero Trust came to be, its fundamentals, and some common myths. For anyone who is concerned with their current deployments, or who is considering setting up new infrastructure, this episode is for you!
In our season finale, Mike and Davin are joined by Cynthia Boumann, Head of Global Audit at Dover Corporation. She share her insights on the universe of risk, living through the winter storm in Texas, and why there should be now be a larger conversation on infrastructure and resilience.