SECURITY LABS

When and where cyber security took a wrong turn? And how you can regain control of your company’s security posture

The cyber security industry appears to be struggling to keep pace with a seemingly never-ending stream of new vulnerabilities exposing organisations to ransomware attacks, corporate espionage and worse. Trade shows such as InfoSecurity Europe 2017 host hundreds of new “off-the-shelf solutions” that claim to provide cybersecurity at a stroke. The million dollar bet here is whether a custom made solution based on the company’s precise needs with full interoperability would be possible.

READ MORE
Hewlett Packard Enterprise (HPE) Worldwide Case Study about Obrela

Today’s vendor driven approach to cybersecurity which continues to add more and more layers, is not sustainable. With a mathematical certainty every security model will inevitably fail at least once, regardless of the defense and technology sophistication involved.

READ MORE
WannaCrypt ransomware attack

A new ransomware that has been spread since 12th of March worldwide affecting hundreds of thousands of Windows computers and for which you should be considering the application of an emergency security patch update that Microsoft has released few hours ago.

READ MORE
Undetectable Metasploit WAR

A possible attack path during a penetration test is having access to the administrative console of a JAVA Application Server (like WAS, JBOSS and Tomcat) installed on a Windows server with default or guessable (e.g. through brute-force) administrative credentials.

READ MORE
Fast Forward Brute-Forcing Apache Tomcat 6/7/8

Just a way around Apache Tomcat "brute-forcing" delay mechanism...

READ MORE
Real Time Risk Management

Operational security requires a continuous process of awareness, preparedness and readiness. It is a highly demanding, cross-domain activity that requires effective communication and coordination between people that often have different knowledge and perspective for information security within the organization. It is neither a fixed cost nor a fixed duration project; rather an on-going business program with strategy, plans, objectives and stakeholders.

READ MORE
Swordfish Technology Brochure

SWORDFISH enables our clients to dynamically manage their security framework, enforce management, operational and technology security controls, assess compliance with regulations, policies and standards, and analyze our risks in real time. All under a single console.

READ MORE
Exposure Management Brochure

By simulating real attacks, identifying potential weaknesses at any IT component and by researching for new attack vectors, we assure a solid IT security level for our clients.

READ MORE
Web Application Security Brochure

Swordfish Web Application Security provides an innovative model to help businesses protect their brand and online information, incorporating a state-of-the-art transparent security layer over their web applications.

READ MORE