Introduction: In today’s rapidly evolving digital world, effective cybersecurity is not just beneficial—it’s essential. At Skyrim Security, we understand the complexity of threats that businesses face daily. One of the main services we offer is a best practice gap analysis consultation, which is an interview-driven process, utilizing the comprehensive framework of CIS Controls to […]
In the evolving landscape of web application development, template engines have become a cornerstone for creating dynamic, user-friendly interfaces. At Skyline Security, we recognize the importance of understanding both the functionality and the potential vulnerabilities associated with these tools. Server-Side Template Injection (SSTI) represents one such vulnerability, posing a significant risk to web applications. This […]
In the realm of cybersecurity, SQL Injection (SQLi) stands out as one of the most prevalent and dangerous vulnerabilities, and will, therefore, be the subject of today’s blog. As defenders become savvier, attackers evolve their techniques, diving deeper into intricate SQLi strategies. Two such methods are Blind SQL Injection and Error-Based SQL Injection. Let’s dive […]
XML (Extensible Markup Language) has long been a cornerstone in web technologies for structuring data. However, its flexibility has also led to a very serious vulnerability in the web application security landscape: XML External Entity (XXE) vulnerabilities. OWASP Classification: XXE vulnerabilities are highlighted by the Open Web Application Security Project (OWASP) in their Top Ten […]
Here at Skyrim Security we offer a myriad of Penetration Testing services, and today we’ll delve into one specific type of test: the external penetration test. This method emulates a real-world attacker on the internet targeting your organization’s internet-facing assets. While we at Skyrim Security strictly follow the Penetration Testing Execution Standard (PTES) framework for […]
If you’re a member of the infosec community, chances are you’ve probably heard of the MITRE ATT&CK framework. However, despite its recognition, its intricacies might still not be fully understood. This blog aims to bridge that knowledge gap by providing an introductory explanation of what the MITRE ATT&CK framework is. We’ll delve into why it […]
For those uninitiated, ransomware is a form of malicious software that encrypts the victim’s files, effectively locking them out of their own data. The attacker then demands a ransom from the victim to restore access to their data upon payment. It’s cyber extortion, and it’s more prevalent and perilous than ever before. Why is Ransomware […]
In today’s digital-first world, the security of web applications is paramount. As cyber threats evolve, so must our strategies to counter them. Here’s a deep dive into how we ensure that your web applications are robust and resistant to potential threats. Dual-Faceted Approach: Unauthenticated & Authenticated Testing Web applications are often vulnerable from multiple fronts. […]
At Skyrim Security, we’ve always believed in the power of technology to transform businesses and individuals. But with this power comes the responsibility to ensure its secure and responsible usage. As a dedicated provider of penetration testing, consulting, and auditing services, we recognize the importance of safeguarding digital landscapes against potential threats. That’s why we’re […]
In today’s rapidly evolving digital landscape, where cyber threats are becoming more sophisticated and prevalent, ensuring the security of your organization’s data and systems is of utmost importance. As cyberattacks continue to make headlines, businesses and institutions are increasingly recognizing the value of proactive cybersecurity measures. Among these essential security practices, penetration testing, or pentesting, […]