Penetration Test

Hack Harder™: Going Beyond Highs, Mediums and Lows

Hack Harder Penetration Test A-LIGN

Penetration tests have always been confused with vulnerability scans, but even penetration tests vary greatly, and it can be difficult for an organization to determine whether they’re getting a quality test. Poor penetration tests are often the result of focusing on systems and vulnerabilities instead of the target organization.

Read More

Test the Security of Your Information Systems: A Penetration Testing Case Study

Penetration Testing Case Study A-LIGN

One of the best ways to test your information security posture is to simulate realistic attacks through a penetration test. Penetration testing is designed to test the information security of the technologies and systems in place at your organization, identifying vulnerabilities that can lead to a data breach or security incident.

Read More

Ask A Hacker: A-LIGN’s Penetration Testers Conduct a Reddit Q&A

ask-a-hacker

On Thursday, October 26th A-LIGN held an Ask Me Anything (AMA) Q&A forum on Reddit, to conclude National Cyber Security Awareness Month by providing further insight into the data breach landscape. Members of our penetration testing team answered questions regarding penetration testing, hacking, and information security. Below are the top five questions asked during the […]

Read More

Inside DEF CON 25

inside-defcon

What is DEF CON? DEF CON is an annual global hacking conference which brings together the brightest minds in information and it covers a variety of topics such as SMB replay attacks, web packet manipulation, and deauthentication attacks on wireless access points. This conference, now in its 25th year in existence, is an opportunity for […]

Read More

Employee Spotlight: Get to Know Senior Consultant Van Bettis

With DefCon coming up this weekend, A-LIGN would like to take the time to highlight one of our senior consultants, Van Bettis, who specializes in penetration testing. What is your role at A-LIGN? At A-LIGN, I perform penetration testing services for PCI-DSS, FISMA, and regular penetration testing. The types of penetration testing services that I […]

Read More

PCI DSS: Updated Penetration Testing Requirements – Frequently Asked Questions

pci-dss

Is your organization prepared for the upcoming PCI DSS requirement going into effect? To prepare your organization for this change, our team has assembled an FAQ to address any of your potential questions. Read now: What to Expect from PCI DSS 3.2 What is the new penetration testing requirement? Requirement 11.3.4.1 requires that organization perform […]

Read More

2017 Cyber Defense Guide: Part 1 [Free Download]

Don’t be ambushed by a cyberattack. In 2016, there were more than 4 billion data records stolen globally. Organizations at every level have been breached by hacks over the course of last year, but are there signs of hacks slowing down? So far in 2017, the following hacks and data breaches have been announced: Esea […]

Read More

New York Instates First Mandated Cybersecurity Law

Due to the increasingly significant threat of cybercrime on businesses and consumers, New York has released cybersecurity requirements for financial services companies in the state of New York. While the SEC currently mandates that organizations need to implement “reasonable safeguards to protect a client’s nonpublic information,” the new law provides more clarity for organizations to […]

Read More

Phishing 201: What are the Different Types of Phishing Attacks?

In our initial blog, Phishing 101, we covered the basics of phishing, including what phishing is and how to prevent it. Today, we will cover the different types of phishing attacks that your organization could be vulnerable to. Types of Phishing Deceptive phishing Deceptive phishing is the most common type of phishing scam. These scams occur […]

Read More

Social Engineering 101: What is Phishing and How do I Prevent It?

What is Phishing? Phishing is a series of communications that are sent in order to deceive individuals to provide sensitive information. Phishing can take the form of email messages, website forms, or phone calls and can be designed to reveal different information.  This information can take the form of: Credit card or other financial information […]

Read More