Blog Home

SecurityTrails Blog

Making Cybersecurity Accessible with Scott Helme.
SecurityTrails Blog · Dec 15 2020 · by Sara Jelen

Making Cybersecurity Accessible with Scott Helme

Global connectivity benefits our world in numerous ways, however, that same connectivity also poses a potential cyberthreat that is often overlooked. There is no easy solution for combating the rising threats in our hyperconnected world. Now more than ever, cybersecurity is imperative for both businesses, governments and educational institutions, and individuals and families. For cybersecurity to effectively slow down the rising cyber threats and attacks, everyone needs to be part of the solution.

5 AWS Misconfigurations That May Be Increasing Your Attack Surface.
SecurityTrails Blog · Dec 10 2020 · by Gianni Perez

5 AWS Misconfigurations That May Be Increasing Your Attack Surface

Not all data breaches are created equal. While many remain the product of technical prowess so often associated with malicious actors, a burgeoning amount can be attributed to security misconfigurations and overly-permissive entitlements plaguing cloud ecosystems around the globe. Close to 70 percent in fact, according to a survey conducted by Ermetic, an identity and data protection firm.

What is Privilege Escalation? Types, Techniques and Prevention.
SecurityTrails Blog · Nov 24 2020 · by Sara Jelen

What is Privilege Escalation? Types, Techniques and Prevention

When attackers attempt to steal data, having insider access to a system is their best bet. And if that insider access is gained through a privileged account that holds the keys to critical systems and data, that would be like hitting the jackpot—but only for the attackers. This is why we consider privilege escalation, the attempt to compromise an account and then expand its privileges, a key component of nearly all advanced cyber attacks.

OpenVAS/GVM: An Open Source Vulnerability Scanning and Management System.
SecurityTrails Blog · Nov 19 2020 · by Esteban Borges

OpenVAS/GVM: An Open Source Vulnerability Scanning and Management System

Vulnerability scanning is one of the foundations of standard enterprise security. An enterprise with a good security posture will have: a firewall, some type of asset-mapping, a vulnerability scanner and possibly even a security team that does some type of pentesting. Keep in mind that the list above is not exhaustive, but the rudimentary outline of an enterprise with a few good security measures in place.