Recently a diligent security professional, Kushagra Pathak, discovered a surprising amount of sensitive data on Trello. He didn’t use an exploit kit available on the dark web, engage in social engineering or exploit a known vulnerability. @xKushagra simply used a somewhat well-known dork to search the web: inurl. The lack of sophistication needed to discover … Continue reading Secrets And The Use Of Cloud Services
GDPR Preparation Considerations
If you haven’t heard compliance with the General Data Protection Regulation (GDPR) is around the corner, and it’s not going away. As of May 25, 2018 organizations offering goods and services to EU citizens or monitoring their behavior must comply with GDPR. To some the regulation may seem to be onerous, but it’s the right … Continue reading GDPR Preparation Considerations
Threat Intelligence: A Path To Taming Digital Threats
Threat management continues to be a hot topic within cybersecurity, and rightfully so. Understanding the evolving technical and behavioral threat landscape and adapting mitigation controls is the key to proactive risk management. Actionable threat intelligence is critical to enabling effective threat management. It provides visibility into the temperature within the threat actor community, what they … Continue reading Threat Intelligence: A Path To Taming Digital Threats
Thoughtful Technology Partners LLC 