Category: Blog
Why aren’t you using Microsoft’s Local Administrator Password Solution (LAPS) yet?
Microsoft LAPS (Local Administrator Password Solution) is a free tool for Active Directory environments which automatically creates, sets and stores cryptographically secure passwords on your local administrator accounts. It’s powerful, free and it improves your security. So why aren’t you using it yet?
Hardening Website Security – Part 3: Website Database Security
Introduction It feels like almost every week there’s another news item about personal information being stolen because yet another company’s website got hacked. Most of these attacks are perpetrated through social engineering, persuading somebody to hand over some detail which allows the hacker to gain additional privileges and, eventually, access to personal information. However, a…
Hardening Website Security – Part 2: User Session Cookie Security
Hardening Website Security – Part 1: HTTP Security Headers
Introduction It feels like almost every week there’s another news item about personal information being stolen because yet another company’s website got hacked. Most of these attacks are perpetrated through social engineering, persuading somebody to hand over some detail which allows the hacker to gain additional privileges and, eventually, access to personal information. However, a…
Installing and Configuring Microsoft LAPS: A Complete Guide – Part 1
Separation of Duties in Software Solutions: A Case Study in Overcee
Separation (or Segregation) of Duties in business and Information Technology is a great internal process which describes restricting the power of any one individual in order to combat mistakes and fraud. R. A. Botha and J. H. P. Eloff in “Separation of Duties for Access Control Enforcement in Workflow Environments” describe SoD as: Separation of…
Tutorial: Privilege Escalation Vulnerability Scan Tool and Overcee
Free: Windows Privilege Escalation Vulnerability Scan Tool
There exist many actual and potential vulnerabilities in the Windows operating system suite which could leave your systems open to attack. While many of these are patched or mitigated when they are discovered, many still remain as “features” of the operating system. We’ve isolated four of these vulnerabilities which we feel are the most easily…