A strong penetration testing methodology evaluates the organization’s security posture, is comprehensive, and is not entirely automated. But to be comprehensive, your pen test should cover these seven steps or phases:
Subscribe to Our Blog
Follow everything RedLegg as we provide comprehensive solutions for real-world data protection and security challenges.
With the complexity of software and network architecture increasing with every passing day, closing security loopholes ...
Mobile apps are just as susceptible to risk as any other platform. In today’s connected world, a single app attack on ...
The cybersecurity field is becoming ever more fractured and specialized. Even the most seasoned IT professionals can ...
As you look to build your threat and vulnerability management program, here are RedLegg’s considered top security risks.
In your efforts to fix everything, here’s RedLegg’s cyber-news update, featuring some of the top vulnerabilities, ...
It seems like every day we hear about another security breach that damages a company’s reputation. IT professionals are ...
During a pen test, enumerating and targeting web applications can be a cumbersome and time-consuming task. In this ...
With the recent wave of cyber attacks on enterprises such as the European Central Bank, Sony Pictures Entertainment, ...
Building an effective cybersecurity infrastructure takes time. With the threat of malicious attacks increasing with ...
If you store data on your organization’s network, you want to keep the network as secure as possible, without any ...
Open-source intelligence (OSINT) is generating more buzz every year in security spaces, from employee training programs ...
A year after the European Union’s General Data Protection Regulations (GDPR) went into effect, we’re starting to see ...
It’s been a year since GDPR (General Data Protection Regulation) went into effect in the European Union. At the time it ...
There is no shortage of companies that say they are experts at conducting pen tests. Determining which vendor is the ...
“You are not protected against social engineering threats.” This is a scary statement to throw in front of network ...
Today’s workforce is increasingly mobile. Mixing professional and personal devices at work and at home is now ...
Although often used interchangeably, Vulnerability Assessment (VA) and Penetration Testing (PT or pen testing) are ...
REGISTER FOR THE JULY WORKSHOP HERE On February 28th, RedLegg hosted a successful full-day workshop in Chicago for ...
Vulnerability scanning (vuln-scan) is the process of finding exploits, flaws, security holes, insecure access entry ...
Your Managed Security Services provider is a crucial player in your overall security posture, and our number one goal ...
Network security is an ongoing task: you need to continuously scan for threats, assess vulnerabilities in your network, ...
The last couple years have been a challenge to businesses that haven't yet fully addressed their cybersecurity issues. ...
Data is the building block of everything we see and do in the Digital Age. But our reliance on data goes beyond that. ...
Every day, there seems to be a news story about the latest data security breach. Guarding the privacy of company ...
Securing organizations using policies and technical controls are critical; however, unless these controls and policies ...
Go back to part one 4. Device loss/theft GDPR and other privacy mandates are just one end of the spectrum of concerns ...
A shocking reality of today's world is the availability of cybercrime as a professional service: in the event of a ...
Many publications compare Managed Detection and Response (MDR) to Managed Security Services (MSS), but this premise may ...
Consider these 12 items to prepare for the new General Data Protection Regulation (GDPR), arguably the most important ...
The European Union General Data Protection Regulation (EU GDPR) is a set of rules governing how organizations that have ...
Plan for a three-phased approach to establishing GDPR compliance across your organization.
Join the RedLegg team, customers, partners, and friends on December 20th for our annual holiday celebration. Come ...
Security posture is a concept that has changed very little through time. Protect all sides, restrict access, monitor ...
Metrics here, metrics there, metrics everywhere—it can be daunting. How do you choose a cybersecurity services ...
If you search the word 'Cloud', you get synonyms like darkness, fog, gloom, puff, and even pea soup, with verbs like ...
As IT continues to grow more complex, managing security through Security Information and Event Management (SIEM) ...
Last month, the world’s fourth most popular social media site was attacked and successfully breached by an unknown ...
Whether your business is large or small, it’s always necessary to keep your data secure. There are a lot of companies ...
As of just last week (mid-July), yet another Bluetooth exploit has been discovered. On average, a Bluetooth device is ...
Alexander Pope once said, “To err is human; to forgive, divine”. Clearly, Pope never had to deal with being a CISO and ...
The term “password walking” refers to passwords formed from keys located close to each other on a keyboard. Many people ...
The importance of the customer experience in an industry that is not typically known for its warmer customer focus is ...
The age of server-side ransomware is here. On March 22, 2018, the hacker group known as SamSam gained access to the ...
As the popularity and use of Apple’s technologies increase, the importance of iCloud security increases as well. The ...
Smart phones have been rising steadily in popularity, and are now used to access the internet more often than desktop ...
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna ...
Who we are, what we’ve been up to, and where we’re going
Rapid Reporting of Industry-Specific Threats Just how many phishing threats does your organization or industry face at ...
In 2017 there were nearly 150 million user accounts exposed in security breaches, an astounding number! Research ...
This week, we want to talk about securing Wireless Networks. Wireless communications have become nearly ubiquitous, but ...
This week we want to talk about avoiding phishing emails. Check your headers!
According to Cisco's 2015 Annual Security Report, 91% of companies employ an executive with direct responsibility for ...
This week we want to talk a little about encryption. Implementing encryption can help keep data protected from the ...
This week we would like to talk about password management. Compromised credentials are one of the biggest factors in ...
Food A common thing that can bring even the most opposite parts of the world together to enjoy and celebrate each ...
So, you think you’re safe. You’ve got a tech guy, he’s your top salesman’s nephew. He does the job, he can plug in ...
Artificial Intelligence (AI) remains a highly polarizing topic that individuals either support, or reject. As we move ...
Bitcoin, in case you have been living under a rock for the past six months, has been skyrocketing in price lately. ...
The RedLegg team has been fielding calls from clients, friends, and family about these vulnerabilities that have been ...
The beginning of every new year provides the opportunity for a fresh start and a new set of things to look forward to. ...
Everyday more and more reports come out of people’s sensitive information being compromised due to a hack. In a world ...
Cool brisk air, the smell of pine as I decorate the tree, and the merriment coming from my family...tis the holiday ...
Once upon a time businesses did not care much about security. It was mostly about web filters, anti-virus and ...
There is so much data out there. It makes my head spin and want to put out more fake data to confuse and oh so I have.
As RedLegg is expanding and growing with different generations and kinds of people I’m feeling the need to reflect of ...
Rumor How can a Managed Security Services know my business? Only someone full time will understand!
This is an exciting time for RedLegg. August 2017 marks our 9-year anniversary with our first RedLegg sales order ...
Since November, we have witnessed a spike in stock prices across markets in the U.S. Leading this surge in prices you ...
Master Tickets The ticketing systems primary responsibilities within the SIEM system are to organize, describe and ...
What Happened Yesterday another large malware outbreak occurred via Windows Machines affecting more than 200,000 ...
Make sure your virus and software protections are up to date We all saw this in recent cyber-attack "WannaCry" not ...
Is there a secret cord? A secret magic sauce that helps some Information Security Teams succeed and others to be ...
For a small/medium business it is very easy to be overwhelmed in Infosec.
It is good to know that the perpetrators have not yet been profitable in their massive global cyber ransomware attack ...
The hardest part is consistency and getting in the rhythm. If you say you are going to do that AM practice swim, do it. ...
There does not need to be a choice about having an on premise SOC or outsourced MSSP. A Co-Managed Security Services ...
Managed Services companies operate similarly for the most part. Benefits include 24x7, Vendor Certifications, Staff ...
All organizations need Security Leadership but not all are able to afford the rate of a full time talented employee. It ...
The procurement part of Penetration test is DEAD. If you pick your Penetration Testing company based on having to ...
t is all too easy to find out key company and individual information on public websites or LinkedIn. You can also ...
Effectively, EVERY regulatory mandate or security framework requires some form of log management to preserve a trail of ...
Meant for companies & people with taste. Invented by the people, for the people. Always have a choice. Pick a different ...
