SecurityTrails Blog

Man-in-the-Middle Attacks: When Three's a Crowd.
SecurityTrails Blog · Jan 26 · by Sara Jelen

Man-in-the-Middle Attacks: When Three’s a Crowd

When you’re browsing the web, you would expect that your communications and the information exchanged are kept private, having not been tampered with in transit. Whether it’s merely login credentials, personally identifiable information or even bank account details, we exchange a lot of information on the Internet every day—and while we expect the utmost security, that certainly isn’t the rule.

Why Not to Set Domains to Private IPs.
SecurityTrails Blog · Jan 21 · by Gianni Perez

Why Not to Set Domains to Private IPs

“An ounce of prevention is worth a pound of cure.” ― Benjamin Franklin The concept of risk is ubiquitous across the cybersecurity landscape. In this day and age, it is difficult to envision any security-conscious organization not having alluded, hopefully more than once, to the serious consequences attached to avoiding the subject, particularly when it comes to protecting its most sensitive digital assets and personal data.

Attack Surface Monitoring: Definition, Benefits and Best Practices.
SecurityTrails Blog · Jan 19 · by Sara Jelen

Attack Surface Monitoring: Definition, Benefits and Best Practices

The firewall, IDSs, EDR platforms and proxies are your first line of defence. They’re the locks to your entire network, and your scanners are the security cameras that allow you to see what goes on inside. And while these security controls traditionally help to achieve a decent security posture, the threat landscape is rapidly and constantly changing—along with your attack surface.

Top 5 Tips for Securing Your Dev & Test Environments, and Why You Should.
SecurityTrails Blog · Jan 07 · by Gianni Perez

Top 5 Tips for Securing Your Dev & Test Environments, and Why You Should

In his seminal work, The Mythical Man-Month, Frederick Brooks Jr. tells us that software development is homologous to a tar pit where many efforts flounder regardless of the appealing nature of the task or the relative tractability of the underlying physical medium. In what he calls one of the “woes of the craft”, the author goes on to explain that the pervasive optimism among programmers regarding the conception of a software project is rarely maintained after we take into account the set of complex interdependencies commensurate with others’ skills and objectives.