Sayers Blog

    August 02, 2019

    Avoiding the Capital One Breach: Defense in Depth

    With the release of the criminal complaint in the recent Capital one breach we now have a better understanding of how Paige A. Thompson exfiltrated data from their cloud vendor. We don’t know all the details and can only make inferences based upon the information available.

    Read More
    July 30, 2019

    VxWorks Vulnerabilities: More Exposure Than You Think

    "When you start a sentence with '200 million' in the Cybersecurity world it's likely to end with 'records exposed' but today it's ending with something much scarier, 'devices exposed'." - Nigel Smithson, Sr. Cybersecurity Solutions Engineer @ Sayers  

    Read More
    July 23, 2019

    Your Password Policy Should Challenge Hackers, Not Your Users

    Any time a human is involved, the potential for weakened security increases.  Password policies are necessary for cybersecurity compliance; however, burdensome password policies can result in bad user behavior like password transformation.

    Read More
    July 03, 2019

    Affordable Cybersecurity Assessment using OWASP

    Sometimes we just need a sanity check and assessments offer that opportunity.  An assessment can offer a glimpse into those things that may require our attention, and ideally, some validation of our good work.  But, they can be potentially expensive.  For a quick self-assessment, there is a ...

    Read More
    February 17, 2019

    Doomsday Docker Software Vulnerability

    The attraction of a DevOps strategy is understandable, but sometimes I feel like the speed of business should be just a bit slower.  

    Read More
    January 28, 2019

    Combatting Uncertainty Around Cloud Security Readiness

    Overall, there is a weak grasp on what "Cloud Security" actually means. 

    Read More