• Blog

  • Cloud Security Part II

    Security in the Cloud is a three part series about how to better protect your organization's digital assets in the cloud. This is a continuation from part one of the series.Malware Defenses in the CloudMalware defense is still an important consideration in cloud environments. Systems can [...]

    Read more

    Security in the Cloud Part I

    Security in the Cloud can be difficult to understand for some organizations. There are some security benefits with moving to cloud architectures, but there are also risks organizations should be aware of.Moving to the cloud doesn't automatically mean more "security". One of the problems here is[...]

    Read more

    Data Governance Programs

    Data Governance Programs are important for controlling the data your organization processes, produces, and stores. Data is the greatest risk today in most organizations and is also the currency on which many organizations operate.Your data can be centralized in a certain location like a file [...]

    Read more

    Hafnium Exchange Server Attacks

    Hafnium is a threat actor group actively targeting Exchange Servers with Outlook Web Access (also known as "OWA") available from the Internet. The underlying problem is due to what's called zero day exploits in Microsoft Exchange. These exploits allow the Hafnium threat actors to gain access to and[...]

    Read more

    C2M2 Cybersecurity Maturity Model

    The C2M2 capability maturity model is a framework for measuring the maturity level of your security program. Another popular approach is the CMMI (Capability Maturity Model Integration).The CMMI measure 5 levels of maturity on a scale of 1-5. CMMI defines the following maturity levels for [...]

    Read more

    Security Maturity Assessments are important to understand the maturity level of your information security program. Crossroads Information Security performs security maturity assessments utilizing industry standard framework such as: CMMI (Capability Maturity Model Integration) Cybersecurity [...]

    Read more

    Why You Should Use a Password Manager

    A Password manager is an application that allows you to securely store and keep track of your usernames and passwords. This is important because you shouldn't be using the same password across multiple sites. When you use the same password across multiple sites and one of them gets breached, your [...]

    Read more

    Top Cyber Security Risks for Businesses

    Cyber Security risks are something most organization are struggling to figure out. What I see happening in a lot of organizations is a lack of understanding of what bad things can happen and what the impact will be.The reasons for this differ across organizations, but the most common reasons I [...]

    Read more

    IDOR Vulnerabilities

    February 15, 2021
    IDOR Vulnerabilities

    IDOR vulnerabilities are a common problem we see during web application penetration tests. Insecure direct object references (IDOR) are a type of access control vulnerability that occurs when a web application uses user-supplied input to access objects directly.The OWASP Top 10 in 2013 listed [...]

    Read more

    Penetration Testing in Oklahoma City

    Penetration Testing is a service Crossroads Information Security offers that tests effectiveness of the security controls in your organization. Our penetration testing services have three options to choose from:Red Team Engagement: This is the traditional approach to penetration testing. Our [...]

    Read more

    1 of page 5