Cybersecurity Services
Overview
vCISO-Led Security Team as a Service (STaaS)
Offensive Security Consulting + Adversarial Simulation
Defensive Security Consulting + Hardening
Cyber Risk Advisory + GRC
Industries
Overview
Financial Services
Higher Education
Healthcare
Technology and SaaS
Sports & Entertainment
Manufacturing
Professional Services
Retail
Not for Profit
Defense Industrial Base (DIB)
Partners
About
Careers
Intelligence
Articles
Webinars
Cybersecurity Services
vCISO-Led Security Team as a Service (STaaS)
Offensive Security Consulting + Adversarial Simulation
Defensive Security Consulting + Hardening
Cyber Risk Advisory + GRC
Industries
Financial Services
Higher Education
Healthcare
Technology and SaaS
Sports & Entertainment
Manufacturing
Professional Services
Retail
Not for Profit
Defense Industrial Base (DIB)
Partners
About
Careers
Intelligence
Press and Events
Contact
Latest Intelligence
Cybersecurity Myths vs. Facts: What You Need to Know
Join us this Cybersecurity Awareness Month to debunk myths and strengthen your defenses! Learn key truths about phishing, password security, and the importance of updates to protect your organization from digital threats.
Posted on Oct 31 / 2024
Inc. Names Echelon Risk + Cyber as a 2024 Power Partner Award Winner
Inc., the leading media brand and playbook for the entrepreneurs and business leaders shaping our future, announced its third annual
Power Partner Awards.
The prestigious list honors B2B organizations across the country that have proven track records supporting entrepreneurs and helping startups grow. This year’s list recognizes Echelon Risk + Cyber (Echelon) among 359 companies in marketing and advertising, health and wellness, financial services, legal, logistics, public relations, and productivity, as well as other critical areas of business.
Posted on Oct 29 / 2024
Cyber Intelligence Weekly (October 27, 2024): Our Take on Three Things You Need to Know
This weekly post shares our intel around some of the major developments on the future of cybersecurity. In this week's CIW: Chinese Hackers Allegedly Target Campaign Phones of Trump, Vance, and Harris, Black Basta Ransomware Group Uses Microsoft Teams to Masquerade as IT Support, Kremlin-Linked Hackers Target Ukrainian Agencies in Espionage Campaign
Posted on Oct 27 / 2024
Intelligence
in
Offensive Security
From Vulnerability Assessments to Red Teaming: Choosing the Right Cybersecurity Assessment
Choosing the right offensive cybersecurity service can be challenging, especially with options like red teaming, penetration testing, and vulnerability assessments that often appear overlapping. Each service, however, serves a distinct purpose and addresses different aspects of your security needs. To help you make an informed decision, let’s explore the differences between these services and how they align with your organization’s specific cybersecurity goals.
Posted on Sep 30 / 2024
Cybersecurity Offensive Service Comparison: Assessment, Testing, and Red Teaming
Organizations often face confusion when selecting offensive cybersecurity services. Vulnerability Assessment, Penetration Testing, and Red Teaming are essential but serve different purposes. At Echelon Risk + Cyber, we frequently encounter this confusion, so we’re here to break down each service and clarify which might be the best fit for your organization.
Posted on Sep 23 / 2024
Packet Paranoia – Manipulating ICMP Packets to Covertly Exfil and Infil Data
Posted on Jun 11 / 2024
The Latest in FedRAMP Compliance: Breaking Down Red Teaming for Enhanced Security
FedRAMP announced a new red team requirement impacting cloud service providers. This article breaks down the details of the requirement and the difference between red teaming and pen testing.
Posted on Apr 18 / 2024
Hackin’ SaaS – Echelon’s Top 10 Web App Vulnerabilities
Echelon's Offensive Security (OffSec) team of ethical hackers conducts daily penetration tests on web applications, uncovering common vulnerabilities that threaten online security. In this article, we explore the top 10 web app vulnerabilities frequently encountered during penetration tests. From SQL injection to CORS misconfigurations, we'll delve into each vulnerability and discuss how to both exploit and safeguard against them.
Posted on Sep 13 / 2023
eLearnSecurity Web Application Penetration Tester (eWPT): Overview and How to Prepare for the Exam
Prepare for the eLearnSecurity Web Application Penetration Tester (eWPT) exam with this comprehensive guide. Learn about the exam format, prerequisites, and tips to pass the practical and written assessments. Acquire valuable web application penetration testing skills and enhance your professional profile.
Posted on Aug 01 / 2023
Network Pivoting and the eCPPT Exam
Learn about network pivoting techniques for the eCPPT exam and penetration testing. Understand the concept of pivoting, explore tools like Metasploit, Proxychains, SOCKS Proxy, Chisel, and Ligolo-ng, and discover the differences between reverse shells and bind shells.
Posted on Jul 05 / 2023
Adaptability and Perseverance – Breaking Down the 2023 CrowdStrike Global Threat Report
Here are our key takeaways from CrowdStrike's 2023 Global Threat Report. Discover the latest threat trends and explore recommendations for staying ahead of threats.
Posted on May 23 / 2023
Level-Up Your Testing with Adversarial-Based Red Teaming and the TIBER-EU Framework
Traditional penetration testing may not be enough to simulate real-world attack scenarios. Discover the benefits of adversarial-based red teaming with the TIBER-EU Framework to improve your organization's ability to detect, respond to, and mitigate sophisticated attacks.
Posted on Apr 27 / 2023
Cyber Definition Problems: Red Teaming vs. Penetration Testing
Cybersecurity terms like "red teaming" and "penetration testing" are often used interchangeably, leading to confusion and misinformation. This article explores the differences between these assessments and why the misuse of terms can be detrimental to the industry.
Posted on Apr 17 / 2023
Pen Testing is Not Enough – Red Team Assessments in Healthcare
Learn why pen testing alone isn't enough to secure healthcare organizations from cyber threats, and how red team assessments can help identify and mitigate vulnerabilities. Here's a comprehensive overview of red teaming and its importance in healthcare cybersecurity.
Posted on Mar 14 / 2023
eLearnSecurity Certified Professional Penetration Tester (eCPPT): Overview and How to Prepare for the Exam
Preparing for the eLearnSecurity Certified Professional Penetration Tester (eCPPTv2) exam? Here are three experiences from the Echelon Offensive Security Team and tips on how to prepare.
Posted on Mar 06 / 2023
eJPTv2 Certification: Overview and How to Prepare for the Exam
The eJPTv2 certification is a globally recognized entry-level information security certification that validates practical penetration testing skills. Take a look at this article redacted by our Offsec team where they provide an overview of the certification and tips on how to prepare for the exam.
Posted on Feb 16 / 2023
Case Study: MetaOptima Enhances Security Practices through a Web Application Assessment
As an organization that stores sensitive medical data, MetaOptima is focused on investing in their security posture. Here's how Echelon Risk + Cyber helped ensure they are functioning at their most secure level.
Posted on Feb 22 / 2022
Continuous Penetration Testing: Shattering the Hourglass
Threats are continuously evolving - your pen testing should too. As attackers constantly find new vulnerabilities to exploit, a continuous penetration testing approach persistently emulates threat actor activity within a company’s unique environment, helping them stay secure over time.
Posted on Jan 31 / 2022
Risk + Cyber Perspectives: Securing Financial Services
In this video discussion with Matt Tolbert, Senior Cybersecurity Examiner for the Federal Reserve Bank of Cleveland, Matt and Dan discuss risks of remote workforces, planning for disruptions, mitigating 3rd party risks, going to the cloud, supply chain threats, and resilience in the future.
Posted on Oct 07 / 2021
Case Study: Bell and Howell Improves Cyber Posture with Echelon’s Unique Collaborative Approach to Pen Testing
Bell and Howell partnered with Echelon Risk + Cyber to test the security of their systems, ensuring that they will continue to be protected from future cyberattacks and avoid any future disruption to their systems.
Posted on Oct 06 / 2021
Mission Matters Interview: Dan Desko + Adam Torres
Our CEO and Founder Dan Desko was recently interviewed for Mission Matters Innovation with Adam Torres. The interview focuses on our core belief that security and privacy are basic human rights. We're built to live that mission every day.
Posted on Oct 06 / 2021
Banking in the Cloud: Key Considerations for IT Leaders
Considering a move to the cloud? There's a lot to think about, especially for financial institutions. This article lays out those obstacles and some considerations for overcoming them.
Posted on Sep 28 / 2021
Four Ways to Spice Up Your Penetration Testing Routine
Another year, another penetration test? Attackers are evolving, and so should you. Here are four ways to spice up your pen testing routine to be better prepared and reduce your attack surface.
Posted on Sep 22 / 2021
DefCon 29 in Review: The Best Sessions, Badge Spoilers and More
Have you solved your badges yet? With another DefCon in the books, here's our take on the best sessions and a close up look at some of the badges.
Posted on Aug 26 / 2021
Cyber Intelligence Weekly (Aug 15, 2021): Our Take on Three Things You Need to Know
This weekly post shares our intel around some of the major developments on the future of cybersecurity. This week: data breach at T-Mobile, Apple's privacy nightmare, and Microsoft needs to patch patching.
Posted on Aug 16 / 2021
Cyber Intelligence Weekly (Aug 8, 2021): Our Take on Three Things You Need to Know
This weekly post shares our intel around some of the major developments on the future of cybersecurity. This week: Federal agencies failing at cyber, Apple scans your iCloud photos, and a disgruntled ransomware worker acts out.
Posted on Aug 08 / 2021
Cyber Intelligence Weekly (Aug 1, 2021): Our Take on Three Things You Need to Know
This weekly post shares our intel around some of the major developments on the future of cybersecurity. This week: President Biden's memorandum on Critical Infrastructure Cybersecurity, an FBI official advises against banning ransomware payments, and the search engine for hackable websites returns.
Posted on Aug 01 / 2021
Flexible & Secure Remote Penetration Testing in a Changing World
Over the past year and a half, the worldwide workforce underwent a drastic and rapid paradigm shift that has brought with it new opportunities, attack vectors, and methods to test security. When testing security with penetration testing, partner with a firm using the most modern, advanced tactics to test your readiness for tomorrow’s attackers.
Posted on Jul 29 / 2021
Search
Articles
Webinars
Sections
Beyond the Baseline: A New Approach to IT Audits
CISO's Corner
Compliance
Cyber Career Tips
Cybersecurity Champions
Cyber Intelligence Weekly
Downloadables
Financial Services
Hacker's Perspective: Tips for Defenders
Higher Education
Healthcare
Improving Cyber Hygiene
Manufacturing
Offensive Security
Our People
Tech Dives
Technology & SaaS
Are you ready to get started?
Are you ready to get started?
Contact Us