Rajat Swarup, Security Solutions Security Consulting Practice Lead, AT&T
As Practice Lead, Security Consulting for AT&T Security Solutions, Rajat Swarup and his team of penetration testers get to break things. As white-hat hackers, their job is to identify security...
Is Cryptography The Silver Bullet?
At AT&T Security Solutions, we have the privilege of seeing where the industry is heading in protecting information. Many times, cryptography is seen as the “silver bullet” to fix the issues that...
Is Cryptography a Moving Target?
The series of posts that I began in “Is Cryptography the Silver Bullet?” continues here. As we view the state of the information security industry, almost like a kaleidoscope, certain issues come to...
Why Hack My App?
An application penetration test (commonly called an “app pen test”) is a black-box security testing exercise that tests the security of applications with authorization from the creator of the software....
When Libraries Aren’t Enough for Application Security
At AT&T Security Solutions, we perform hundreds of web application security penetration tests to find vulnerabilities — and one of the most commonly observed is Cross-Site Scripting (XSS)....
Should My Network Be on a Diet?
So what do I mean by a network being on a diet? I mean reducing the network footprint to the optimal level. What is a network footprint? The areas where my infrastructure can be attacked by malicious...
How NOT to Manage Vulnerability Disclosures
Right before the New Year, some reports of security breaches hit the headlines. The Snapchat data breach was particularly noteworthy. Apparently, Snapchat was notified of the weaknesses by security...
Jailbreaking and Rooting: Two Threats to Your MDM Strategy
“Jailbreaking” is the process of altering iOS devices (e.g., iPhones, iPads) to run unsigned code. Apple controls apps on iOS by signing them with its private key. This inhibits an attacker’s ability...
With HID cards, a swipe is more than a swipe
At AT&T Security Consulting, we get to do the coolest things! A few weeks ago, we were performing a social engineering test authorized by a client. In this test, user susceptibility to individually...
How to wake employees up to phishing attacks
Recently, AT&T Consulting Solutions was asked to perform a social engineering assessment designed to find out if employees could distinguish between legitimate and phishing emails. The organization...
Are your phone calls private and secure?
Short for Voice over Internet Protocol (VoIP), it’s a way to transmit the human voice in digital form over the Internet or other networks such as an audio stream, instead of using traditional phone...
Don’t want to make headlines with a security breach?
This has been a very interesting last few months. Data breaches have been in the news almost daily. From the largest bank and movie studio to the smallest retail establishments and online startups, it...
Time is security’s greatest enemy
Evita Peron said, “Time is my greatest enemy.” This sentiment is very true in the information security world. This is how. For a long time cryptographers have used time-based side channels to break...