Remote browser isolation (RBI) has many use cases, but has found a popular use case with secure web gateways (SWG). While SWGs can block known bad websites and allow known good ones, the gray area of uncategorized and security risk websites is a challenge for most SWG deployments. If you allow them, your inline defenses and endpoints are exposed and may miss evasive malware, macros, malicious scripts, and phishing attacks.

To the average person, weather forecasts inform whether or not they need to bring an umbrella to the office. But to some, it can be quite literally a matter of life and death. Organizations like the European Center for Medium Range Weather Forecasting (ECMWF) sit at the center of a web of highly sensitive operations, providing them weather predictions and reports.

At the beginning of 2019, 60% of companies responding to the Insider Threat Report survey reported that they were planning to implement a data loss prevention (DLP) solution. For a few years, organizations have been aware that they need to add data loss prevention (DLP) tools and software to their technology stack in order to safeguard sensitive information collected and stored` However, there’s a common misconception that DLP is just one “thing”.

Modern privacy regulation is centered around the concept of personal information. The General Data Privacy Regulation (GDPR) popularized it, but since then similar initiatives—like the California Consumer Privacy Act—have expanded on the definition of "Personal Information." If your application collects any kind of information about your users or customers, it is important that you track when, how, and for what purpose you are collecting their data.

Design quality audits are sometimes overlooked in software due diligence, but they are vital to understanding the overall health of a company’s software system. When software is part of an M&A transaction, performing technical due diligence is a critical part of the process. There’s a lot to cover when it comes to software due diligence, and you can learn more by reading our take on the specific areas of the process, but today we’d like to discuss software quality.

We believe that continuous communication with our clients prior to, during, and, after a penetration testing engagement is vital to ensure that you get the best service from us. In this blog post we would like to discuss the events that should take place once you receive your penetration testing report so you can gain the most value from our services.

December 2020, the weeks before Christmas, saw an increase in reported malware activity that culminated most prominently in the Sunburst Trojan attacks - events that are still developing as of today. As we were asserting our readiness to respond to new threats under our watch, we identified a suspicious executable being copied to a remote network share.

In this blog we will explore several ways that Alternate Data Streams (ADS) are abused by attackers to hide files and evade detection, defences based on them (and ways to bypass those defences!) but also how they can be used to help malware evade dynamic analysis.