March 29, 2015

Although already a few months old, this little video from the folks at Offensive Security shows that often a system designed to protect the endpoints (like in this case a Symantec solution) becomes the actual entry point for a breach. We had similar experiences with other vendor security solutions.

This highlights the need of proper Penetration Testing rather than just Vulnerability Scanning. A vulnerability scanner only detects vulnerabilities already known, but can’t detect any not-known flaws. This is where the human Pentester thinking out of the box comes in.

Symantec Endpoint Protection Privilege Escalation 0day from Offensive Security on Vimeo.


Adding protection to endpoints

Author: Martin Voelk
March 14, 2015

We often get asked the question: I have a MAC so I am secure right? Well, you are more secure than on any Microsoft OS that’s for sure. Apple implements security a lot better and has far fewer security flaws than Microsoft. However does this make MacOS and iOS invincible? No. Security is a cat and mouse game and clever programmers, exploit developers and hackers always find flaws in any system. What can you do to make it harder? There are good endpoint security suites out there but a bot cost money.

We recommend everyones to use the Forticlient from Fortinet for starters. It’s a neat endpoint security protection suite and is completely free. It exists for Microsoft, iOS, MacOS and Android.

You can download it here: