Phishing Awareness Metrics

Phishing simulations are cheap and effective training tools, and the metrics they provide over time can provide clear insights into security awareness throughout an organization.

Satellites and Their Vulnerabilities

As satellites become more involved in Earthly communications, they will be targeted by hackers. But how safe are they now?

The California Consumer Privacy Act (CCPA) – Part 3

The CCPA does have some similarities to GDPR, but there are quite a few differences. Final post of a 3-part series.

The California Consumer Privacy Act (CCPA) – Part 2

The CCPA give California residents a lot of rights regarding their digital privacy. Part 2 of a 3-part series.

The California Consumer Privacy Act (CCPA) – Part 1

The California Consumer Privacy Act (CCPA) is one of the strongest digital privacy laws in the US. Part 1 of a 3-part series.

Sort Your Lists – Penetration Test Reporting Tips

There are testers who think I’m nutz for insisting that they sort any lists they include in their reports. Let me tell you my side of the story…

OWASP & The Top 10

The OWASP Top 10 details critical risks associated with web application security and is the defacto standard for web app security.

Include Command Strings – Penetration Test Reporting Tips

A good pentest report is supposed to be a teaching tool that provides the folks on the receiving end with information that makes it possible for them to do a lot of the same things we did. Here are a few reasons why we want them to do that.