Cloud storage services allow customers to store and retrieve files on a remote, third-party server. [1] Cloud storage aims to be more cost effective and…
I’d rather lie to your face. The average corporate security training program might be useful when it comes to thwarting remote attackers, but does it…
The use of encryption has drastically changed over the years. A vast number of encryption ciphers have been deemed weak (e.g., RC4), while others are…
“All truths are easy to understand once they are discovered; the point is to discover them” – Galileo Galilei Seems simple, right? Unfortunately, that’s not…
This blog post will explore situations in which anti-virus software caused more harm than good. As the anti-virus landscape changes, software vendors are eager to…
A recently discovered vulnerability with SSLv2, dubbed the “DROWN” attack, has put the final nail in the SSLv2 coffin. Despite SSLv2 being deprecated since 2011[1],…
Patients are a hospital’s most important asset, not their data. We recently concluded a study, www.ise.io/hospitalhack, at a variety of hospitals to determine the plausible…
The adoption of two-factor authentication (2FA) could not be more important. Something-you-know secrets have proven ineffective time and again, be it through password guessing or…
A few weeks ago, programmer Maxim Andreev disclosed a critical ffmpeg and libav vulnerability on his blog that affects all ffmpeg versions prior to the…
Social engineering is all about manipulation, misdirection, and, above all, opportunity. I was lucky to be mentored and introduced to social engineering and physical security…
When evaluating a remote target, learning more about the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) configuration can be very useful. Being able to test…
If you are like me, you were ecstatic when Apple finally decided to release its version of the Apple Watch smart watch. For many, this…
Recently, I gave a little talk at ISE about quantum computing; I tried to delve into the subject a little deeper than what you might…
The Debian-based Linux distribution’s package manager, Advanced Package Tool (APT), does not ensure privacy out of the box. While other UNIX package managers use SSL/TLS,…
The security firm CrowdStrike recently revealed a vulnerability that its staff discovered in QEMU-based virtual machine (VM) products (CVE-2015-3456). These include Xen, KVM, and VirtualBox…
Technology is a critical component in healthcare: we get it, we can all agree on this point. However, these same technologies…the ones meant to better…
A notable weakness in most organizations’ security program is a lack of trained, experienced, and available security resources; to protect their assets, organizations require talented…
In this post, we consider the impact that the explosion of new software frameworks, and the frequent need to shift between them, has on security:…
Our customers regularly develop products for Windows systems. Due to the dynamics of today’s laptop and desktop market, machines hosting Windows operating systems often come…
Our customers develop and deploy products that rely on SSL/TLS to protect the confidentiality and integrity of Web, VPN, e-mail, and other traffic. We are often…