In the News
No Results Found
The page you requested could not be found. Try refining your search, or use the navigation above to locate the post.
Office of the CISO
No Results Found
The page you requested could not be found. Try refining your search, or use the navigation above to locate the post.
Tools
No Results Found
The page you requested could not be found. Try refining your search, or use the navigation above to locate the post.
Enhancing Purple Team Testing with ALLCAPS: A Capability-Based Approach to Execution
Discover how the ALLCAPS framework enhances Purple Team exercises by focusing on capability-based detection development. Learn how to improve testing strategies and align detection logic with attack techniques for better security outcomes.
Introducing Tier 0: How AI Is Empowering the Agentive SOC
Discover how Tier 0, powered by SCALR AI, is transforming Security Operations Centers. By automating repetitive tasks and enriching alerts, Tier 0 enables analysts to focus on real threats, creating a smarter, more sustainable SOC. Learn more about this innovative approach.
PRESS RELEASE: Security Risk Advisors Recognized with Microsoft Verified Managed XDR Solution Status
Security Risk Advisors achieves Microsoft Verified Managed XDR Solution status, offering 24/7 SOC operations, proactive threat hunting, and rapid incident response—all integrated with Microsoft Security tools. Learn how SRA is modernizing security operations for its clients.
PRESS RELEASE: Blackbird.AI And Security Risk Advisors Partner To Protect Enterprises From The New Threat Vector Of Narrative Attacks
Strategic alliance brings narrative intelligence to global companies to combat misinformation, disinformation, and AI-generated deepfakes that cause financial, operational, and reputational harm.
PRESS RELEASE: Security Risk Advisors Introduces SCALR AI – A Platform for Rapid Agentive AI Enablement
Security Risks Advisors (SRA), a leading cybersecurity consulting firm, today announced the launch of SCALR AI, a customizable platform designed to enable non-technical people to build and integrate agentive AI capabilities directly into their operations.
PRESS RELEASE: VECTR Enterprise Now Available on Azure Marketplace
FOR IMMEDIATE RELEASE Philadelphia, PA - August 4, 2025 - Security Risk Advisors (SRA) is proud to announce that VECTR Enterprise, its premier adversary emulation and purple teaming platform, is now available on the Microsoft Azure Marketplace. This milestone marks a...
Sharpening Offensive Skills Through Purple Teams
Discover how purple teams bridge the gap between red and blue teams, offering red teamers real-time feedback, hands-on experience with defensive tools, and insights into enterprise environments. Learn how this collaborative approach sharpens offensive skills and enhances detection strategies.
SRA Earns Microsoft Identity and Access Management Specialization
Security Risk Advisors has earned the Microsoft Solution Partner Specialization for Identity and Access Management. This is a big step forward for our team and another example of how we are continuing to grow our alignment with Microsoft.
Using Purple Teams to Set Detection Engineering Priorities
Purple Teams play a crucial role in enhancing detection engineering efforts by combining the offensive expertise of red teams with the defensive strategies and knowledge of blue teams. By leveraging the insights gained from simulating real-world attacks, organizations can identify detection opportunities and prioritize their engineering efforts.
Just Another Kusto Hacker – Behind the Scenes Breakdown!
Participating in the “Just Another Kusto Hacker” challenge was an incredible opportunity to push my skills with Kusto Query Language (KQL) to the next level. Winning the challenge was not just a personal milestone but also a reflection of the expertise and creativity we foster at SRA. Azure Data Explorer (ADX) is a key technology for us, powering our SCALR Sight platform and enabling us to analyze vast cybersecurity datasets to deliver actionable insights to our clients.
PAM: High Impact, High Failure Rate
Privileged Account Management (PAM) is a critical function in a modern cyber security program. PAM programs have a high fail rate for a variety of reasons, including: Lack of understanding of key risks around privileged accounts Resistance from system administrators...
Why Red? Why Purple? A NIST CSF View
Red and Purple Teaming serve distinct purposes, and we think NIST CSF backs us up on that. We outline why we believe in starting with Purple Teams to validate Protect...
Updated Results from the MITRE ATT&CK Endpoint Detection and Response Evaluation
Explore MITRE’s EDR tool evaluations for APT3 threat detection, featuring top performers like Crowdstrike and new entrants FireEye and Cybereason. Detailed results at SRA
New Health Industry Cybersecurity Practices (HICP) Guidance Released: What You Need to Know
Explore HPH SCC’s new cybersecurity guidance for healthcare, offering a prescriptive approach to enhance industry-wide security practices.
Open Letter to the FDA
This blog post contains a copy of the questions and comments we’ve submitted to the FDA regarding their latest Medical Device Cyber Security Pre-Market Guidance draft (Link Here). In our previous blog post, we provided an overview of the draft. We believe that...
FDA Pre-Market Medical Device Draft Guidance Review
FDA’s draft guidance on medical device cybersecurity could revolutionize industry practices for manufacturers and healthcare providers.
Creating a Project Sonar FDNS API with AWS
Learn to harness Rapid7’s Project Sonar for cybersecurity with our guide on creating an HTTP API to query internet-wide scan data, using AWS services.
Automating Payload Servers with AWS CodePipeline
Explore how AWS CI/CD tools can streamline offensive security operations with a payload server build pipeline, from code to delivery.
Finding and Decoding Big-IP and Netscaler Cookies with Burp Suite
Uncover the risks of ADC cookie leaks and secure your load balancing with SRA’s Load Balancer Cookie Scanner extension.
BSides PGH 2018 – Heavy Machinery and Burly Lumberjacks and Logging! Oh My!
Discover SRA’s Red Team SIEM strategies and tools presented at BSides PGH for efficient cyber engagement management.
BSides Philly 2017 – MFA: It’s 2017 and You’re Still Doing It Wrong
SRA unveils MFA best practices at BSides Philly. Learn to secure remote access and avoid common pitfalls. Watch on YouTube, slides on Slideshare.
New Vulnerability, Same Old Tomcat: CVE-2017-12617
Exploit Tomcat’s CVE-2017-12617 with our Metasploit module for remote code execution. Elevate pentests with System access. Get it on GitHub.
Peripheral Pwnage: Mousejacking 2.4 Ghz Input Devices
Explore advanced penetration testing methods beyond Responder, including mousejacking wireless peripherals for initial domain access.
The Macro Evolution: Bypassing Gmail’s Virus Filter and Reliably Establishing C2 Channels with Office Macros
Learn how a malicious Office macro can automate tasks and be abused in phishing attacks, despite multiple defensive layers. Protect against this threat.
A Smaller, Better JSP Web Shell
Discover our JSP Web Shell for RCE on Apache Struts, enabling command execution and file uploads within 1kb, even on limited servers.
Strutting Your Stuff – Identifying Outdated and Vulnerable Apache Struts in Your Linux Environment
Use our Struts Vulnerability Scanner to detect and manage Apache Struts flaws, ensuring your Java web apps are secure against known exploits.
Malware Analysis: A General Approach
TL; DR Malware analysis has many benefits to organizations and their defenders; however, most organizations do not have processes defined for performing these actions. This post will walk through the questions that malware analysis can answer along with defining an...
Understanding Nation-state Threat Actors with VECTR and MITRE ATT&CK
International political relationships...
Why Red? Why Purple? A NIST CSF View
Red and Purple Teaming serve distinct purposes, and we think NIST CSF backs us up on that. We outline why we believe in starting with Purple Teams to validate Protect...
The Perniciousness of Emotet and Banking Trojans
Guard against Emotet, the banking trojan that steals data and credentials. Learn how to protect your organization from such cyberattacks.
Updated Results from the MITRE ATT&CK Endpoint Detection and Response Evaluation
Explore MITRE’s EDR tool evaluations for APT3 threat detection, featuring top performers like Crowdstrike and new entrants FireEye and Cybereason. Detailed results at SRA
Purple Teams and Threat Resilience Metrics
This article covers how a Purple Team process done correctly can: Be documented and organized using the free VECTR.io platform (https://vectr.io) and align to MITRE ATT&CK Generate quantitative success defense metrics more meaningful than existing hygiene and...
A Closer Look at MITRE ATT&CK Evaluation Data
MITRE ATT&CK’s first endpoint security evaluations of APT-3 reveal key insights into vendor performance and detection capabilities.
The Return of OLE Exploit Delivery: CVE-2018-8174
CVE-2018-8174 “Double Kill” exploit targets Office OLE. Learn how to block attacks and secure your system against unauthorized code execution.
Purple Teaming: How to Approach it in 2017
Enhance cyber defense with Collaborative Purple Teaming, a proven strategy from Security Risk Advisors for measurable security improvements.
SEP USB Device Control – The Cheetah and The Hare
Discover how to combat the USB Security Flaw and protect sensitive data from unauthorized USB device copying with effective remediation steps.
Microsoft Purview: You Get Out What You Put In
Microsoft’s recently rebranded Purview suite of data governance, security, and compliance solutions offers more capabilities than ever before within a single product. But without a fundamental understanding of your data, getting value out of these tools remains a challenge. Defining your organization’s critical data and objectives for protecting it is a critical first step in maximizing the value of any Purview deployment.
Understanding and Applying Vector Databases to Supercharge your SOC with AI & Copilot for Security
Discover how Azure AI Search integration enhances threat intelligence with vector databases in Copilot for Security.
Building a Copilot for Security Custom NetFlow Plugin
We’ve built a custom Copilot for Security plugin that would take advantage of network flow data and use the power of Copilot for Security to extract the exact time and IP address of a host involved in a security incident, then go retrieve, summarize, and analyze the netflow data within 30 minutes on either side of the first noted malicious event to determine if there was potential for lateral movement or other key indicators of attack. This can give insight to understand if an attacker may have attempted to move laterally on your network, and if so where, and using which protocols.
Build: Azure Sentinel – Automated Evidence Storage Folders
Azure Sentinel have evolved into an excellent SIEM platform that we operate, tune, and optimize for many of our clients. One of the top features that differentiates Sentinel is that it is truly cloud native, fully exposing its data and functionality for use with all the other capabilities in Azure. I see the sky-as-the-limit when it comes to being able to creatively augment Sentinel with valuable features and functionality.
Getting Started in Cyber Physical System Security Defense
TL;DR – The best way to get started with Cyber Physical System Defense is to create a defense plan, collect asset inventory, and begin implementing monitoring infrastructure. These steps are all much easier said than done. Let's say you just found out that your...
S4x23 SBOM Challenge: Post-Conference Update
If you really need one, here’s the TL;DR – The SBOM market is emerging. Asset owners are unsure if they want them and suppliers/OEM’s are either considering adoption, have already adopted, or have a “shoo fly” mentality (for now). The “SBOM Challenge” was well...
Developing SBOM as a Capability
S4x23 Presents: SBOMs Galore It seemed like a week didn’t go by in 2022 without the mention of Software Bill of Materials (SBOM) in our newsfeeds, from a client, or from a colleague, so the announcement that S4x23 would feature an SBOM challenge piqued our interest....
Using Tabletop Exercises to Strengthen OT Security Maturity
If you are part of an organization grappling with how to secure your Operational Technology (OT) environment, you are not alone. Let’s start with the basics: Do you have an Incident Response Plan (IRP) that includes your OT environments and assets? Hint: the...
CS-Paralyzer: CrowdStrike EDR Impairment and Detections for Your Team
Summary In December 2022 we assisted with an incident response investigation where the threat actor was successful in stealthily impairing an EDR agent with malware called “CS-Paralyzer”. In this incident, CrowdStrike was the target EDR and the attack disabled the EDR...
Save Budget and Improve Your Logging and Monitoring Capabilities
In budget-tightening times, a security data pipeline can greatly reduce your SIEM costs and increase log efficiency. SRA has implemented this new approach for many of our clients, helping them realize significant savings by reducing log size and volume ingested by...
No Results Found
The page you requested could not be found. Try refining your search, or use the navigation above to locate the post.
Trends in Third-Party and Vendor Risk Management
Enhance TP/VRM with SRA’s methodology for risk profiling, efficient assessments, and continuous monitoring to secure vendor relationships.
Business Implications of the CLOUD Act
New U.S. CLOUD Act governs access to overseas data, impacting businesses with cross-border data storage. Learn the implications for your company.
Insurance Sales Agent Module Design wins AAA NCNU and Security Risk Advisors GRC team Archer Platinum Innovation award
Discover insights from the Archer User Summit, where global Archer professionals unite to innovate and share success stories.
Highlights of Archer Version 5.5 Service Pack 3
Explore the top Archer 5.5 enhancements, including session timeout alerts and bug fixes for a smoother user experience.
Save time by using Archer-to-Archer data feeds to populate Finding application records
A useful feature of Archer is the ability to automatically generate findings from compliance or risk assessment questionnaires when questions are answered incorrectly (which may indicate that an expected control is not in place). The screenshot below depicts such a...
Getting Started with Business Continuity Management in the RSA Archer GRC tool
Streamline business continuity with Archer BCM Transition, ensuring automated, repeatable processes for robust GRC integration.
Custom employee review process takes advantage of RSA Archer’s In-Line Editing capability
Streamline performance reviews with Archer In-Line Editing, enhancing efficiency across branches in real-time analysis.
RSA Archer: Think “objectives” instead of core modules
Optimize Archer for specific use case objectives to streamline compliance, risk management, and recovery processes.
Securing the Point of Sale Device
Protect against a POS security breach with P2PE-HW principles. Encrypt CHD at swipe and secure key management.
Streamline PCI compliance with a GRC Tool
Ease PCI DSS compliance with a GRC tool. Streamline assessments and enhance security. Contact info@sra.io for solutions.
No Results Found
The page you requested could not be found. Try refining your search, or use the navigation above to locate the post.
PRESS RELEASE: SRA Announces Partnership with the International Rescue Committee, Offers SCALR XDR Pro Bono
Philadelphia, PA: Cybersecurity firm, Security Risk Advisors (SRA), has partnered with the International Rescue Committee (IRC) to provide 24x7x365 cybersecurity monitoring services through its SCALR™ XDR solution at no cost. The International Rescue Committee (IRC)...
PRESS RELEASE: Security Risk Advisors Adds Ignacio Calles as CFO
Philadelphia, PA ---Security Risk Advisors (SRA), a cybersecurity consulting and software firm, is proud to announce the recent hire of new Chief Financial Officer, Ignacio Calles. SRA specializes in providing clients with ethical hacking, cyber defense engineering...
PRESS RELEASE: SRA Adds Mamani Older as Director
Philadelphia, PA - Security Risk Advisors is proud to announce the recent hire of a new director, Mamani Older of Westchester, NY. Older will serve on SRA’s executive leadership team overseeing the direction and operations of the consulting firm that specializes in...
PRESS RELEASE – SRA Designated as a Distinguished Vendor by TAG Cyber Security
Philadelphia, PA – April 16, 2021 – Security Risk Advisors, an industry leader in cyber security consulting and CyberSOC, is proud to announce its designation as a Distinguished Vendor in this year’s Second Quarter 2021 TAG Cyber Security Quarterly. The TAG Cyber...
PRESS RELEASE – Security Risk Advisors creates scholarships for RIT’s Cybersecurity Bootcamp program
Security Risk Advisors is proud to announce the creation of the SRA Next Gen Cybersecurity Scholarships. Through the scholarships, SRA is offering $25,000 for underrepresented professionals looking to enter the cyber workforce through RIT’s Cybersecurity Bootcamp program.
PRESS RELEASE – Security Risk Advisors Announces Expansion in Philadelphia and a New Office in Rochester, NY
For Immediate Release: Wednesday, June 19, 2019 Contact: Amanda Larsen | amanda.larsen@sra.io | (401) 743-6926 SECURITY RISK ADVISORS ANNOUNCES EXPANSION IN PHILADELPHIA AND A NEW OFFICE IN ROCHESTER, NY Cybersecurity and Risk Management...
PRESS RELEASE – Empire State Development Announces Investment in Security Risk Advisors Move to Rochester
For Immediate Release: Tuesday, June 18, 2019 Contact: Shari Voorhees-Vincent | Shari.Voorhees-Vincent@esd.ny.gov | (585) 399-7055 Press Office | pressoffice@esd.ny.gov | (800) 260-7313 EMPIRE STATE DEVELOPMENT ANNOUNCES INVESTMENT IN SECURITY RISK ADVISORS...
PRESS RELEASE – Security Risk Advisors Teammates Chose Non-profits to Receive $120,000 of Donations in 2018
Philadelphia ---Security Risk Advisors (SRA), a Philadelphia-based cybersecurity consulting firm, is proud to report that our teammates chose the 78 non-profit organizations to receive $120,000 of SRA’s charitable giving in 2018. One of SRA values is 'It's Personal'....
PRESS RELEASE – Security Risk Advisors Chosen for 2018 Philadelphia 100 Award
Philadelphia --- Security Risk Advisors (SRA), a Philadelphia-based boutique cybersecurity consulting firm, was named a Philadelphia 100 Award Winner. Philadelphia 100 Awards go to the top 100 fastest growing, privately-held companies in the Philadelphia region. The...
PRESS RELEASE – Security Risk Advisors Celebrates National Intern Day Everyday
A robust co-op and internship program, supported by SRA’s values and strengths, helps foster new workers in the growing cybersecurity field. Philadelphia ---Security Risk Advisors (SRA), a Philadelphia-based boutique cybersecurity consulting firm, was happy to...
Follow us on social media
Browse our Webinars
Access these virtual events on-demand and get valuable insight from our thought leaders and subject matter experts.
Get Curated Security News and Critical Vulnerability Reports
Our Threat Intelligence Gathering & Research (TIGR) team is focused on threat intelligence and curates a daily intelligence report, TIGR Threat Watch, with information collected from several industry intel sources. We also create and publish ad-hoc critical vulnerability notifications in case of critical and time-sensitive vulnerabilities or threats.