Jan 9, 2020 6:15:00 AM

The Case for Advanced Penetration Testing: Zero-Day Vulnerabilities in Symantec ICSP

Advanced Penetration Testing and Enhanced Red Teaming If you asked me what HORNE Cyber wants to be known for, I would quickly reply with “incomparable penetration testing.” From its conception, HORNE Cyber has placed heavy emphasis on the methodology used by its cyber operations specialists in penetration testing and red teaming engagements. Why do we feel penetration testing is so important? In our experience, we have found penetration testing and red teaming to be one of the most valuable investments an organization can make related to its cybersecurity efforts. However, there is no current standard when it comes to penetration testing services offered within the industry.   In fact, most penetration testing is simply a scan for publicly known vulnerabilities that may or may not be actionable on your network. While a good baseline, this approach often doesn’t improve your overall security posture. We are on a mission to create the gold standard through our advanced penetration testing and enhanced red teaming methodology by taking the approach of today's attackers. 

Topics: advanced penetration testing, Executive Insights

Mar 13, 2018 9:09:30 AM

High Expectations for Service, With Reverse Engineering

A cornerstone of a cybersecurity firm is in their “reverse engineering” capability. It is a necessary part of responding to breaches, keeping up with the state-of-the-art in threats, and enhances the coverage of penetration testing and red-team engagements. While it separates leaders from followers in the industry, very few business stakeholders have had the opportunity to learn what “reverse engineering” means, how it can be a measure of a security service provider’s capability, and how such services can directly benefit an organization.

Topics: digital forensics, Penetration Testing, data security, cybersecurity, information security, ransomware, advanced penetration testing, incident response, Malware, Executive Insights

Mar 6, 2018 10:30:00 AM

Choosing the Right Security Option for Your Organization

Cybersecurity in layers has been the go-to security model for some time now. There’s no one solution that will properly secure your organization’s network and sensitive information. In today’s environment, it takes an orchestra of teams, tools, and active threat detection and prevention operations to properly secure your organization from an attacker. It has become very clear that traditional layers, such as anti-virus, firewalls and monitoring tools, are just not enough. Attack emulation is a critical security layer that not only focuses on known vulnerabilities but also shows what a real attacker could do to your organization. If you are serious about finding your organization’s security weaknesses and resolving them, you’re likely going to need help from a third-party.

Topics: Penetration Testing, cybersecurity, advanced penetration testing, Security Budget, Executive Insights, Good Enough Cybersecurity

Dec 8, 2016 10:00:00 AM

What Should You Learn From Your Penetration Test?

Having a true advanced penetration test performed on your organization’s infrastructure is one of the fastest ways to gain valuable insight on the state of your security posture. It provides quick situational awareness around where your weaknesses are and *should* provide you with a roadmap on how to approach remediation. In working with clients, one thing we are realzing is that many of our clients believe they have been getting an "advanced penetration test" for years, when in fact they have not. Below are a few hints on how to know if you are truly getting a penetration test worth value to your organization. 

Topics: Penetration Testing, cybersecurity, advanced penetration testing