Secure Triad
Secure Triad is a professional penetration testing services company based in Sydney, Australia.
Why You Should Conduct Regular Security Assessments? 24 Mar 6 Reasons, Why You Should Conduct Regular Security Assessments Posted at 18:45h in blogs by Cyril.
11 Popular Penetration Testing Tools for Web, Mobile and Network. 18 Mar 11 Popular Penetration Testing Tools for Web, Mobile and Network Posted at 20:04h in blogs by Cyril Have you been searching for a penetration testing tool that would best serve your security testing requirements for web applications and networks?
Do you want to compare and analyse different penetration testing tools and decide on which one(s) would be best suited for your enterprise? Or are you simply curious to know which tools are out there and what their features are? If yes, then this blog has you covered. Whether the pen test is conducted for regulatory compliance, security assessment, or strengthening the IT environment’s defense against cybersecurity threats, a combination of the right tools is crucial. Web Application Security Threats and Measures to Protect Them. 12 Mar Top Security Threats to Web Applications and Measures to Protect Them Posted at 00:03h in blogs by Cyril Data privacy and protection are two imperative aspects for all businesses today as they could be prone to security breaches.
Many small and medium organisations tend to ignore application security as they believe only large enterprises are targeted by hackers. However, statistics tell a different story, 43% of cybercrimes happen against small businesses. There are several reasons behind a cyber-attack against these organisations’; from old, unpatched security vulnerabilities to malware or human errors which make take them a lucrative target for attackers.
Budgeting for cyber security for an enterprise. The What, Why, and How of API Penetration Testing - DZone Security. I have come to realise and appreciate when having conversations about API Penetration Testing with colleagues and other professionals that not all understand what API is.
Yes, sure it means an Application Programming Interface, and it is a software component that enables different systems/applications to interact with each other, but there is a bit more to its story… The most common description for API is that it acts like a messenger to send a request from an entity (a person or an application) to another application and get a response.The API is a system in itself; it is a toolset consisting of codes and commands that can be used across multiple applications, can be reused, and go a long way in making the lives of developers easy and productive, as they do not need to create code from scratch.As a system/application user, we do not need to know what the API is made of.
If we had to draw a parallel with everyday life, let’s consider the post office. Gathering information Exploitation. The Dark Web. What is The Dark Web? Everything You Need to Know. 11 Feb The Dark Web: What You Need to Know?
Posted at 21:57h in blogs by Cyril Life exists beyond Google- Really? Yes, the internet is so vast, and Google is only the tip of the iceberg. The reason we are saying so is that Google contributes to the surface web that covers only 5% of the World Wide Web. The remaining 95% of the web is still inaccessible to us. Dark web or deep net or darknet, neither of the terms is ominous, but despite all the negative connotations associated with it, new dark websites pop up every day.
People used to indulge in illicit dealing of drugs through encrypted messages on the Silk Road and engaged with the community. Cyber security threats and measures for eCommerce companies in 2021 - Secure Triad. 08 Feb Cyber security threats and measures for eCommerce companies in 2021 Posted at 19:14h in blogs by Cyril.
Network Penetration Test - Secure Triad. AI and the Changing Cyber Security Landscape in 2021. 19 Jan Artificial Intelligence and the changing Cyber Security landscape in 2021 Posted at 19:10h in blogs by Cyril Google Maps suggesting optimal commute to and from work and alerting about congestion on roads.
Self-driving cars will significantly reduce the number of road accidents and keep commuters safe. Email inboxes becoming smart enough to reply to emails on behalf of a person. OCR software that deciphers handwritten cheques enabling people to deposit cheques via a smartphone app. Social networking sites identifying friends and family in a photo and suggesting tagging them. The What, Why, and How of API Penetration Testing. How to Keep Mobile Phones Secure? Secure Triad. 11 Jan HOW TO KEEP MOBILE PHONES SECURE?
Posted at 18:32h in blogs by Cyril James Smartphones are an inseparable part of our lives. If our phone is taken away from us for even a day, for most of us it’s like being deprived of a basic need. We store all kinds of data in our phone – contacts, photos, videos, personal data, documents; we use numerous apps for making our lives easy – banking, insurance, online shopping, stocks, real estate; We rely on our phones for communication and socialising – chatting and video calling, social media, emails, professional groups; the list is endless with what phones can be used for.
Access photos and videos and use them unethically.Access the contacts in the phone and harass them by crank calling, or sending unethical or threatening messages, or worse.We log in to apps and never log out. Cloud Penetration Testing. Mobile Application Penetration Testing Services. Web Service and API Penetration Testing Services. Internal Penetration Testing Services. External Penetration Testing Services.
Twitter Account Hack - The Truth Revealed - Secure Triad. Do you have a Twitter account?
It seems almost silly to ask the question at a time when the entire world lives on social media. Everybody, from my aunt to U.S. President Donald Trump has at least dabbled in it, if not use it everyday to tell the world what they ate for lunch. That’s why, when on a seemingly simple Wednesday (July 15, 2020), Twitter suddenly went into protective overdrive, tongues began to wag. Within a few hours, it was evident that Twitter had been the victim of a cyber breach. And above all, could it all have been prevented? That’s what we’re going to explore today. The Incident And What We Already Know According to the information posted on the official Twitter blog, events unfolded somewhat like this. By means of the breach, the attackers took control of tools that are normally only available to Twitter’s internal support staff. Cloud-based Security Threats: A Primer - Secure Triad.
Cloud security is one of the most hotly debated and widely discussed topics in business circles.
Today, most businesses have seen a rapid shift from regular, workstation bound software services to the cloud, making them more vulnerable to cyber threats. Reasons businesses migrate to cloud systems, such as AWS and Azure, include anywhere access, ease of use, flexibility, reduced costs, increased collaboration, achieving a competitive edge and more. Clouds offer a simple, ubiquitous and device-independent business systems and data access that’s simply alluring While there’s no denying the fact that the cloud industry is growing exponentially, there are several critical aspects to be aware of in order to keep cloud-based security threats at bay..
The Why and How of Social Engineering. In today’s world of increasing cyber-dependency, both businesses as well as personal transactions are reliant on digital modes of information exchange. Whether it concerns communication between business partners or company departments, most of us rely on emails and other online modes of information exchange. There’s no denying that these communication channels are super convenient and easy, they could pose a serious threat to the safety and integrity of cyber systems, if not managed securely. The rapid proliferation of digital crime has made terms such as social engineering and it’s sub-parts such as phishing a part of the common vocabulary. Yet, how much do we truly know about these modes of attack? AWS Penetration Testing Services. GCP Penetration Testing Services. There are a variety of ways in which cloud environments can be compromised and misconfiguration of servers can expose your environment to external attackers.
However, external attackers are not the only threat, internal employees can also cause tremendous damage. They should be closely monitored due to several reasons such as potential of their own malicious intent/activity, potential for making mistakes that open a security loophole or by unintended action, or even falling prey to external attackers’ techniques. --> More GCP pen testing enables your organisation to effectively assess the security posture of your applications and infrastructure that usually would not be directly evaluated during a traditional pen test. GCP pen testing is an authorised hacking attempt against a system hosted on the platform. Microsoft Azure Penetration Testing. Microsoft has set forth several protocols that must be followed if you choose to conduct Azure penetration testing. However, no prior approval is required to conduct penetration tests on Azure services, as of June 2017.
While this helps save time during the pre-engagement process, there are several factors to be considered before testing your Azure environment. The following activities are prohibited when carrying out penetration testing Scanning or testing assets belonging to other users or businessesObtaining access to data that you do not ownExecuting a denial of service attackPerforming network intensive fuzzing toward any other machine besides your own Azure virtual machineConducting automated penetration testing that results in high traffic volumeSurpassing “proof of concept” repro stepsViolating Microsoft’s Acceptable Use PolicyAttempting social engineering attacks such as phishing against Microsoft employees.
Web Application Penetration Testing Services. Home - Secure Triad.