Archive

As organizations operate with increasingly constrained security resources and accelerated development timelines, traditional point-in-time penetration testing no longer provides adequate protection.

Penetration testing (pentesting) has fundamentally changed. We now have AI assistants analyzing attack paths and automated scanners running continuously, upending testing as we know it.

September 8, 2025 Penetration testing, or pen testing, remains a cornerstone of modern cybersecurity.

A Deep Dive into Password Cracking Techniques When it comes to securing almost anything in this digital age, passwords are often the first, and sometimes only, line of defense.

August 27, 2025 A well-known red team tactic for blending Command-and-Control (C2) traffic in with legitimate network traffic involves utilizing Amazon Web Services (AWS) CloudFront redirectors to mas…

Traditional on-premises infrastructure has relatively clear security boundaries.

Missed Part one of this two-part blog series? Read it first to learn how Purple Teaming is elevating cybersecurity testing beyond a one-and-done checkbook exercises so that your pen test moves the nee…

Security testing is one of the best ways to ensure that your defenses can handle whatever is coming next.

December 19, 2024 As web, thick client, mobile, and IoT applications have become more robust, authentication and authorization has become an incredibly complex and sophisticated problem.

June 20, 2024 TL;DR: Compromise of an SCCM administrator account can easily lead to compromise of every machine managed by SCCM.

May 2, 2024 Authors: Marshall Price and Connor Dowling TL;DR: SCCM Network Access Accounts (NAA) are frequently used despite being associated with several attack primitives.

March 28, 2024 Author: Marshall Price, Senior Security Consultant TL;DR: The following conditions can lead to compromise of the SCCM client push account and SCCM machine account.