My Journey to Becoming a Purple Teams MC
Discover the journey from penetration testing to leading Purple Teams. Learn how collaborative Purple Team exercises bridge the gap between offensive and defensive security, improve detection and response, and foster meaningful knowledge transfer.
The Entra-nce to Tenant Maturity
SRA has developed a maturity strategy for identity and access management (IAM) in Entra ID. The goal is for our clients and readers to achieve the “Modern” maturity level and aspire to be at the “Advanced” maturity level.
Limiting WMI Lateral Movement via DCOM Permissions
If you are looking for a way to curb WMI-based lateral movement – and especially if you do not want a dependency on another control, such as a firewall – DCOM permissions may prove to be a useful method that works with traditional configuration management.
Purple Team PSA: Disable Device Code Flow
Microsoft refers to device code flow as ‘high-risk’ and even “recommends blocking/restricting device code flow wherever possible”. Why? Because it might be leaving your organization vulnerable to one of the most persuasive and impactful social engineering attacks I’ve seen in my career – device code phishing.
Efficiently Managing Hundreds of Purple Teams
In 2024, Security Risk Advisors delivered over 170 Purple Teams to our clients. To support the technical execution of our Purple Teams, we use strong project management techniques that not only make high-volume service delivery efficient but also quite manageable.
Get Off the Neverending AI Treadmill and Secure Your Organization
This blog explores why enterprises should resist the urge to chase the latest LLMs and instead focus on securing AI adoption through cloud-based platforms like Azure, AWS, and Google Cloud. Learn how strategic AI implementation can align security, IT, and innovation for long-term success.
AI vs. AI: Red Teaming with PyRIT
This article showcases open source tools that use AI LLMs to attack other AI LLMs in order to identify security vulnerabilities.
Entra ID to the Rescue: Streamlining Identity Access Reviews with a Dash of Governance
The blog highlights the challenges of managing identity access reviews in complex environments and emphasizes the benefits of using automated tools like Microsoft’s Identity Governance to streamline these processes. Security Risk Advisors (SRA) offers custom solutions to help organizations implement and report on access review results, enhancing compliance and efficiency.
Security Risk Advisors Earns Microsoft Solutions Partner Designation for Infrastructure (Azure)
We are excited to share that Security Risk Advisors (SRA) has achieved the Microsoft Solutions Partner designation for Infrastructure (Azure)! This recognition reflects our proven expertise in accelerating clients' migration of critical infrastructure workloads to...
Building Practical Resilience: The Table-Top Exercise (TTX) Execution Playbook
This playbook on facilitating an effective TTX can help lead you to success. Whether you run them yourselves on call or have an external organization like SRA to help facilitate, they should stoke conversations that lead to meaningful improvement, role clarity, and help make a real incident a little less painful.
SiteKiosk Breakout
Enhance your HR kiosks’ defense with our Kiosk Security Review, preventing unauthorized access and ensuring robust protection against exploits.
BSides NOLA 2017 – Your New Red Team Hardware Survival Pack
Discover the Red Team Hardware Guide from BSides NOLA 2017 for advanced security tactics and protection strategies.
Getting the GAL
Strengthen your security with Brute Force Defense strategies to protect remote access portals and detect single-password attacks effectively.
Baiting the C-Suite with Panama Paper Hysteria
Learn to navigate the Whaling Cybersecurity Threat, a high-stakes spear-phishing tactic targeting top executives, and bolster your defenses.
Using CA Process Automation to Get Command Execution as SYSTEM
Leverage CA Process Automation Exploit insights to secure port 8080 against default credential vulnerabilities and enhance network defense.
Plastic Beach: Gaining Access to CDEs
Secure PCI systems with our PCI Penetration Testing, ensuring trophy assets like CDE and PANs are protected against advanced threats.
Beaconing Past McAfee ePO
Enhance security with Advanced Threat Simulation, testing detection against sophisticated cyber threats and toolsets.
2014 Pittsburgh Security B-Sides
We recently presented at the 2014 Pittsburgh Security B-Sides on the topic of gaining physical access to facilities. From social engineering to cloning RFID badges, we discuss ways attackers can gain access as well as ways to protect your critical physical...
Social Engineering Past 2-Factor Authentication
Uncover how training gaps can render two-factor authentication flawed. Secure your network with better practices.
User Enumeration
Thwart user enumeration in web apps with our expert tips. Secure login and registration now.
FSOEP Presentation: Web Banking & Fraud: Corporate Treasury Attacks
Learn to shield corporate treasury from attacks with our FSOEP talk on robust defense strategies. Safeguard your financial systems.
LetItGo: A Case Study in Expired Domains and Azure AD
By identifying and purchasing an expired domain tied to an existing Azure AD organization, an anonymous attacker can use PowerBI or PowerAutomate to create an account and gain access to that organization’s tenant, including resources shared within that tenant (e.g., OneDrive, SharePoint, etc.). The attacker is effectively a “domain user” in that tenant. SRA created a tool called LetItGo that queries an organization’s domain listing and returns any domains that are expired.
Cloud Security Posture Management (CSPM): An Emerging Control in Cloud Security
Understand what Cloud Security Posture Management is, where it fits into your current program, & get insight based upon our experience.
Understanding and Preparing for the Shift to XDR
The CyberSOC model is changing, driven by cloud adoption and improvements in detection technologies on tools like Endpoint Detection and Response (EDR). Extended Detection and Response (XDR) is the realization of these changes, putting less pressure on the SIEM to...
Malware Analysis: A General Approach
TL;DR: Malware analysis has many benefits to organizations and their defenders; however, most organizations do not have processes defined for performing these actions. This post will walk through the questions that malware analysis can answer along with defining an...
SolarWinds Breach: How do we stop this from happening again?
The SolarWinds breach is perhaps one of the worst, if not the worst public hacking events in history. Much has been written on what happened, and I’m not going to regurgitate those details. There is inestimable complexity ahead for CISOs to try and identify the extent...
User Data Leaks via GIFs in Messaging Apps
An investigation into how Teams, Discord, and Signal handle Giphy integrations. When everyone is working from home, a well-timed GIF sent to...
Getting Specific with Ransomware Preparedness
Most industry ransomware guidance is focused on SMB protections for commodity malware that exploits low-hanging fruit via worming and trashing share drives and document folders. “Have good backups” is still good advice, but there is much more we can do and with more...
Automated Detection Rule Analysis with Dredd
Stay ahead in cybersecurity with Dredd: automate Sigma rule testing against Mordor datasets and IDS rules evaluation with PCAPs for robust defense.
Selective Kerberoast Prevention using DACLs
Selectively prevent Kerberoasting by using discretionary access control lists (DACLs) to limit the number of accounts that can request service tickets.
Impossible Travel
As physical offices have cleared out and VPNs and remote access solutions are maxing out, many IT security departments have a sudden new challenge: how to identify an attacker with all this new noise at the border? It was hard enough finding an attacker coming into...
Top 5 Benefits of Implementing a GRC Tool
Discover top GRC tool benefits for streamlined audits and compliance. Enhance reporting and stakeholder relations with a unified approach.
ThreatView – August 2012 QSA vs ISA
Uncover the differences between QSA and ISA for PCI DSS compliance in our ThreatView whitepaper.
BSides PGH 2018 – Heavy Machinery and Burly Lumberjacks and Logging! Oh My!
Discover SRA’s Red Team SIEM strategies and tools presented at BSides PGH for efficient cyber engagement management.
PRESS RELEASE: Security Risk Advisors to Present at NH-ISAC 2018 Spring Summit
May 7, 2018, Philadelphia, PA – Security Risk Advisors will be presenting at the National Health ISAC 2018 Spring Summit on May 16th, located at the Sawgrass Marriott Golf Resort & Spa in Ponte Vedra Beach, FL. Mike Pinch, Director of Threat Management at Security...
IN THE NEWS: Why this cybersecurity firm ditched the virtual model for an office in Philly
"Things were going well for six-year-old cybersecurity firm Security Risk Advisors as a virtual company with no official HQ, said managing director Tim Wainwright. And yet Monday night, with a visit from Commerce Director Harold Epps and Councilman Derek Green,...
PRESS RELEASE: Security Risk Advisors to Present at NH-ISAC & Aviation ISAC Spring Summit 2016
May 6, 2016, Philadelphia, PA – Security Risk Advisors will be presenting at the National Health ISAC & Aviation ISAC 2016 Spring Summit on May 12th, located at the Walt Disney World Swan and Dolphin in Lake Buena Vista, FL. Dave Mertz, Threats Management Director...
PRESS RELEASE: Security Risk Advisors to Present at 2016 FS-ISAC Annual Summit
April 26, 2016, Philadelphia, PA – Security Risk Advisors will be presenting at the 2016 FS-ISAC Annual Summit on May 4th, located at the Loews Miami Beach. Antonio Crespo, Consultant at Security Risk Advisors, and Vas...
Get Curated Security News and Critical Vulnerability Reports
Our Threat Intelligence Gathering & Research (TIGR) team is focused on threat intelligence and curates a daily intelligence report, TIGR Threat Watch, with information collected from several industry intel sources. We also create and publish ad-hoc critical vulnerability notifications in case of critical and time-sensitive vulnerabilities or threats.




