CruSec

Vulnerability assessment and overall risk mitigation strategies are at the very core of any effective security program. Not only does it play a crucial role for any entity, it may also be required by various compliances such as HIPAA and PCI. Though assessments may come in many forms, we will be focusing primarily on vulnerability scanning and remediation. This article aims to educate readers on best-practices and lay the foundation for establishing their own program. Vulnera

CruSec was a project I kicked around in my head for a few months in mid-2017. I knew that information security was going to take significant chunks of time to earn and maintain proficiency in, and so I wanted a platform that could serve as a hub for all my knowledge and experience. In late 2017 I decided to pull the trigger and set off on a 5-month journey designing the website and creating all the initial content for it. Although much of my motivation for creating the site w

If you ever plan on doing malware analysis, or any other activity where there is a good chance you’ll be in contact with something malicious, logically segregating your lab from your actual production environment is one of the most important safeguards you can implement. While performing the analysis in a VM will largely keep the host safe, a misconfigured hypervisor could allow an infection to spread to other machines. How I configure everything in this guide may not be the