Tag: Vulnerability Management

  • What to Expect When You’re Expecting a (Raxis) Penetration Test

    What to Expect When You’re Expecting a (Raxis) Penetration Test

    I made this video to help you understand a little better how Raxis works, and specifically what happens once you engage us. I hope it allays some of your concerns about penetration testing.

    There’s no reason to fear a pen test. Seriously. After all, it’s just a simulated cyberattack, one that you authorize and allow. Yet some CEOs, CIOs, and CISOs are hesitant to allow this ethical hacking for fear that the bad guys will somehow use it against them, that it will cause security issues, or that it will make them look bad. In fact, it’s just the opposite – especially if you choose to engage Raxis.

    We get it, though. It’s natural to be cautious, and it’s prudent to want to know more about the people you’re working with, especially when granting access to your company’s most sensitive data. Whether you choose to work with Raxis or any other firm, we recommend you ask (and answer) plenty of questions up front. You want to know the company has the right experience to offer a range of high-quality services. One size definitely does not fit all. The firm you select should speak to you in advance to understand your specific needs and expectations . . . and then design and deliver the type of test, training, and follow-up that best protects you and makes you more resilient.

    The Raxis team has some of the industry’s most advanced certifications, but we don’t intimidate our customers or hide anything from them. We believe knowledge empowers our clients, and we share it freely. Whether you use us or someone else, penetration testing is a critical part of your corporate cybersecurity strategy that you should not put off or bypass.

    As you can see, we welcome your questions and concerns during every phase of our process. We conclude our pen tests with an executive summary for management and detailed findings and screenshots that can serve as a to-do list for your internal teams.  

    Raxis stands by our processes, our team, and our word. Now it’s up to you to perform due diligence and research the expertise and deliverables of any cybersecurity company you’re considering. Follow us on this blog or social media, read more about our pen testing experience, or contact us directly to learn more about why some of America’s corporations (and small businesses) choose to work with us.

  • Understanding the Why Behind Password Management

    Understanding the Why Behind Password Management

    In this video, Brian will help you understand password management from the viewpoint of a hacker. It’s more than a how-to; it’s also a why-to. We’re hopeful that by seeing a little of what we see, you’ll make password management a high priority for your company.

    Despite years of warning, cajoling, and even begging by security professionals, password mismanagement is still one of the most reliable (and one of our favorite) ways to breach a company network. This week, our chief technology officer, Brian Tant, continues his video series about the most common vulnerabilities we see during hundreds of penetration tests each year.

    Remember: Complex passwords, unique to each account, and changed frequently are keys to effective password management and security. Also remember to check your service accounts and make sure that old passwords aren’t lingering on your devices.

    Effective cybersecurity is a matter of behavior as much as it is technology. Let’s make strong password management a habit that catches on. 

    Download our list of Top 10 Cyber Attacks to learn more about ways to secure your company.

    Want to learn more? Take a look at the next part of our Common Vulnerabilities discussion.

  • Can This Simple Trick Outwit Your Smart Security?

    Can This Simple Trick Outwit Your Smart Security?

    Armed with nothing more than an ordinary can of cool, compressed air, a hacker can gain entry to a key-card-only access facility in just 19 seconds. Skeptical? See for yourself in this video.

    Fortunately, the guy in this video is me. Our company, Raxis, is a team of ethical hackers and penetration testing experts who evaluate and identify solutions that help businesses safeguard their sensitive data, from healthcare to finance to innovative product and app development.  

    Some folks forget that physical security is the first line of defense for a cyberattack.  If someone can get inside your business, they can find your servers, and in seconds they can steal, sell, and destroy data you’ve invested thousands in protecting.  

    Our cybersecurity specialists have studied for years to find hidden, unscrupulous techniques that the world’s most sophisticated hackers use. Solving these puzzles and preventing cyberattacks is what we love to do – but often we find security vulnerabilities long before we get to delve deep.  

    Finding a failure in your company’s security isn’t something to fear; it’s something to fix. And you can only fix something when you know it is broken.  

    Follow us on this blog or social media and we’ll share more ways that hackers can get in — and how we can help you keep them out.