• Blog

  • HTTPS Inspection

    January 12, 2021
    HTTPS Inspection

    HTTPS Inspection is the process of examining network traffic that takes place over SSL or TLS. This allows your intrusion prevention/detection devices to examine that encrypted traffic for malware and intrusion attempts.HTTPS Inspection is the modern approach to detecting malware and intrusions[...]

    Read more

    Image Forensics

    January 11, 2021
    Image Forensics

    Image forensics is the analysis of what evidence or information can be obtained from images taken with digital cameras or mobile devices. For the purpose of this blog I'm going to focus on the photo of a cat.As a forensic analyst the first thing I want to examine is the meta-data associated[...]

    Read more

    Digital Forensics

    December 25, 2020

    Crossroads Information Security has certified forensic analysts that work on a variety of cases ranging from intellectual property, incident response, and other malicious activity. We perform e-Discovery on systems that includes Android, iOS, Linux, Unix, Windows, Mac OSX, gaming consoles, IoT [...]

    Read more

    Small Business Web Application Penetration Testing

    Small Business Web Application Penetration Testing is essential to ensure your web application doesn't become the source of a breach. We perform web application penetration testing locally here in Oklahoma City and the United States, as well as countries that include Dubai, Ireland, Canada, [...]

    Read more

    Targeted Attack Dissection

    It was early in the morning when the phone rang. I knew immediately this wasn't a robocall since it was a special ringtone assigned to an international client. I recall the panicked voice on the other end reporting they are under attack. This was a targeted attack as the client went on to explain.[...]

    Read more

    The Changing Role of CISO

    The role of CISO is evolving. The number of security breaches that have occurred over the last year is unprecedented and demonstrates a need for more effective security. CISO responsibility is changing, in dynamic threat environment, greater business engagement requires CISOs to realign priorities [...]

    Read more

    Incident response programs require careful consideration before you build the program. Things to consider are:Talent: You need a multi-disciplinary approach to building the team. Ideally you would want to have members of the server team, network team, help desk, human resources, and [...]

    Read more

    Risk Assessing IoT Devices

    February 24, 2019
    Risk Assessing IoT Devices

    Risk assessing IoT devices should be done before they are placed on your network. In this presentation I discuss policy and procedure for IoT devices. Your IoT policy should state that IoT devices should not leave the environment without being sanitized.The next step of risk assessing IoT [...]

    Read more

    Security Awareness Security awareness is a challenge most organizations are facing. In this presentation I propose that we include more technical material, but to the right people. The challenges most of us face is that technical material may not be understood by the majority of the organization. I[...]

    Read more

    Incident Response Documentation

    Incident Response Documentation When it comes to incident response documentation it's important to record all your actions. This includes operating system, commands run, results, installed software, and service packs on the victim machine. However, you may not think to document the tools you used, [...]

    Read more

    2 of page 4