Blog

Red Team tactics – breaching the lines of defense

The most challenging element of a Red Team engagement is often breaching the external perimeter of the organization and attaining domain credentials. Companies invest a

The art of phishing

The one vulnerability for which there can never be a patch, update or new anti-virus is that which is human. We can install the latest

From zero to hero: How to gain full access to an organization’s system through social engineering

In August 2019, a very secure and sensitive organization commissioned the Comsec Red Team to carry out a Social Engineering (SE) project. The customer requested

Docker Container Breakouts Allowed by RunC Vulnerability

Containers, Orchestration, Docker, Kubernetes; We hear about this technology more and more every day. Use of containers and containerization became a natural choice by modern

The state of securing the Internet of Things

The new OWASP IoT Top 10[1] released on December 25th 2018 is an attempt to unify several problems that multiple parts of an organization face

Comsec’s Josh Grossman presenting at AppSec USA 2018

Come and meet Josh Grossman, one of our Application Division team leaders, at AppSec USA 2018 being held in San Jose, California in October!

ISO 27001 Review- an inner view from comsec advisor

Tiennot van Dilst- Principal Consultant / Delivery Manager – Comsec Benelux During my career as a CSO and Security Consultant, I have worked with the

About (Weird) CORS Exploitations

During our daily routine, we face lots of different kinds of web applications, which are built differently from one another. Sometimes the developers have the

ComTech: Do’s and Don’ts in production environment pentest

Hello everyoneAfter a short break, ComTech is back. Today’s post will talk about something that is relevant to every pentest, the do’s and the don’ts

Defcon25 lecture: Call the plumber – you have a leak in your (named) pipe

HelloFollowing my #defcon25 lecture in Las vegas, “Call the plumber – you have a leak in your (named) pipe” (https://www.defcon.org/html/defcon-25/dc-25-speakers.html#GCohen), here is the presentation file:https://drive.google.com/open?id=0B3_AmubjewYTVERidTVGZW5uRnM

Blog

Red Team tactics – breaching the lines of defense

The art of phishing

From zero to hero: How to gain full access to an organization’s system through social engineering

Docker Container Breakouts Allowed by RunC Vulnerability

The state of securing the Internet of Things

Comsec’s Josh Grossman presenting at AppSec USA 2018

ISO 27001 Review- an inner view from comsec advisor

About (Weird) CORS Exploitations

ComTech: Do’s and Don’ts in production environment pentest

Defcon25 lecture: Call the plumber – you have a leak in your (named) pipe

Our Services

About Us

Comsec Consulting IL (HQ)

Comsec Consulting NL

Your cybersecurity partner

הצהרת נגישות

Calling from Israel?

Calling from anywhere else?

We are sorry to hear you have a problem, but we are here to help!

Our Hot Line is ready to provide immediate assistance 24/7

+972 3 9234646