SecurityMetrics Blog

What is a Business Continuity Plan?

What is a business continuity plan? A business continuity plan (BCP) provides a way for organizations to deal with the business impact of any...
View Post

Where Did that Request Come From? CVE-2020-11682 (CSRF)

What is CSRF? Cross site request forgery, commonly referred to as CSRF (pronounced sea-surf), is an attack in which a user who is authenticated to...

COVID-19 Cyber Attacks Security Update Center

COVID-19 Cyber Attacks Security Update Center. Your data security and compliance expert amid unprecedented challenges We recognize that businesses...

5 Blogs to Help You Survive PCI DSS and Prevent Security...

Here are 5 Blogs to Help You Survive PCI DSS and Prevent Security Breaches This Year. We cover formjacking, penetration tests, PCI DSS checklists,...

Update: COVID-19 Cybersecurity and Threats

As plans to reopen economies move forward around the world, the entire cybersecurity industry–including the SecurityMetrics Security Operations...

Authorization Bypass: A Cautionary Tale CVE (2020-11679,...

Attackers: Known or Unknown? That is the question. Far too often I come across applications where developers have made every attempt to secure...

Penetration Testing FAQs

Whether your business needs a penetration test for an industry compliance requirement, or because of a security incident, the process can seem...

Update: COVID-19 Cyber Threats and Attacks

Current COVID-19 Cyber Threats The UN Agency WHO has reported a 500% increase in cyber security incidents over the same period last year. As our...

How to Become PCI Compliant: The 2020 Guide to PCI DSS Compliance

Payment Card Industry (PCI) compliance is required for any organization that takes payment cards. The PCI Data Security Standard (PCI DSS)...

SecurityMetrics Podcast: The Latest in Cybersecurity and...

A cybersecurity podcast for both IT professionals and security novices We are excited to announce the launch of a new project we’ve had in the...

BlogEngine.NET Directory Traversal + Remote Code execution

A remote code execution (RCE) vulnerability, CVE-2019-10719, was discovered in BlogEngine 3.3.7 and earlier. Leveraging a path traversal in...

Something from Nothing; a Pentest Story

While performing an external network layer penetration test I encountered a host that presented a single page that was essentially blank...

Top 15 ASV Scan Vulnerabilities and How to Fix Them

Vulnerability scans are automatic. They’re nonintrusive, similar to a security professional checking whether or not your front door is unlocked...

SecurityMetrics COVID-19 Coronavirus Update

For the last twenty years, SecurityMetrics’ mission has been to help customers close security gaps and prevent data compromise. With the upheaval...

PANscan 2020 Study Shows Unencrypted Credit Card Data Storage Up

PANscan searches business networks for unencrypted credit card numbers. Can businesses store credit card information? The short answer is, “yes.”...

Need help securing your business?

Request a quote!