Blog
Domain Exposure Via Qualys SSL Server Test
All it takes is one click. In this article, find out how domain exposure can come about as you conduct an SSL Server Test and what you can do to prevent it.
Privasec’s Essential 8 Maturity Assessment
In the latest episode of our #WDWD series, meet Team Lead Alydia Bens as she introduces Privasec’s Essential 8 framework, which focuses on three key objectives — prevention, limitation, and recovery — to help organisations build a baseline to mitigate cyber security incidents.
PDF Generator Best Practices
The dangers of using server-side PDF generation technologies without properly sanitising user input.
Privasec and Shamane Tan Named Finalists for Australia Defence Industry Awards 2021
Privasec and Shamane Tan have been named finalists at the Australia Defence Industry Awards 2021 in the Cyber Business of the Year and Marketing/Communications Professional of the Year categories respectively.
Demystifying Two Different Worlds: A Look into ISO 27001 and Red Teaming
Cyber Readiness for Financial Institutions
What happens during a Red Team Attack Simulation?
Red Team Attack Simulations mimic an adversary attacking your organisation. They enable you to understand and improve upon your ability to identify and respond to an adversary trying to access your systems or information.
But what actually happens during a Red Team and how does an Attack Simulation work in practice?
Updates To ISO 27002 And Its Impact
With the pending updates, ISO 27002 is now more well-rounded for tackling information security risks. What remains constant is the purpose of the standard: to provide implementation guidance on security best practices for compliance with ISO 27001.
A Beginner’s Guide to CORIE
The CORIE Framework is a new approach to assessing cyber maturity and resilience, and you definitely need to be investigating it this year.
Cyber Resilience Summit NSW 2021
Privasec was a proud sponsor of the Cyber Resilience Summit NSW 2021 at Dockside Darling Harbour in June. It was an enjoyable event organised by Forefront Events, where the team from Privasec met and learned from senior security and cyber risk professionals in the industry. We heard perspectives from multiple sectors around the theme of improving cyber posture to manage threats. A strong lineup of CISOs and security speakers explored common cross-industry security challenges and potential solutions to safeguard organisations’ integrity, technology and assets. Speaker Jacqueline Jayne, who is the Security Awareness Advocate at KnowBe4, covered the 7 dimensions of security culture: Attitude, Behaviours, Understanding, Knowledge & Awareness, Communication, Policies, Unwritten Rules of Conduct. The question she left everyone with was: “Do your people understand why cyber security is everyone’s responsibility? Do they know that everyone has a critical role to play?” Some of the other highlights from the CISOs and industry leaders such as Bradley Busch, Mark Smink, Dave Cowan, Saleshni Saleshni, Wilson Chiu, Daminda Kumara, Ajay Dua, and Dali Kaafar include: the importance of simplifying staff and customer experience with security; how we can lean on our partners and suppliers for scale and availability if an organisation …
Red Team Incognito War Stories: Crashing down the castle wall through deception
The impact of a lack of security awareness training, seen through the eyes of a recent red team engagement performed by the Privasec Red Team.
A Dummy’s Guide to SOC 2
SOC 2® reporting solves the issue of how a business leader can trust that a service provider is taking its obligations seriously by conducting a SOC 2® Type 1 and Type 2 report to evaluate data protection systems and procedures.