Posts by

Chris Dale

The Art of Discovery: A Penetration Tester’s Journey Through a Django Misconfiguration

[Editors Note: Eirik Valle Kjellby is an amazing gentleman and the latest, as of October 2024, addition to the ever growing penetration testing team at River Security. He continues to...
Read More about The Art of Discovery: A Penetration Tester’s Journey Through a Django Misconfiguration

Penetration Testing Methodology – Much More Than Just Checklists

This blog post seeks to outline key aspects of the methodology River Security employs to identify vulnerabilities during our penetration testing. Our approach is continually evolving, designed to adapt to...
Read More about Penetration Testing Methodology – Much More Than Just Checklists

Finding Attack Surface and Other Interesting Domains via Certificate Transparency Logs

Certificate Transparency (CT) logs are like public records for internet security. When a new TLS certificate is issued, it gets logged in these CT logs. This makes it easier for...
Read More about Finding Attack Surface and Other Interesting Domains via Certificate Transparency Logs

Celebrating 4 Years of River Security: A Journey of Growth, Success and Stopping the Threat Actors!

As we celebrate our fourth anniversary, we at River Security are filled with immense pride and gratitude. What started as a small, ambitious venture has now grown into a robust...
Read More about Celebrating 4 Years of River Security: A Journey of Growth, Success and Stopping the Threat Actors!

The Penetration Testers Manifesto

This is River Security's ethos—our belief system, motivation, and inspiration. Interested in working with us? Check out our jobs page. As a hacker, I am driven by a relentless curiosity...
Read More about The Penetration Testers Manifesto

Ethical Considerations in Incident Response

Ethical considerations in incident response, especially when dealing with sensitive data and disclosing information about security breaches, are paramount. These situations require a careful balance between transparency, confidentiality, legal obligations,...
Read More about Ethical Considerations in Incident Response

Navigating the Currents of Cybersecurity: River Security’s Approach to Distinguishing Vulnerabilities, Security Hygiene, and Exploitable Issues

In the ever-evolving landscape of cybersecurity, staying ahead of potential threats requires a keen understanding of the nuanced differences between vulnerabilities, security hygiene, and issues with demonstrable impacts on confidentiality,...
Read More about Navigating the Currents of Cybersecurity: River Security’s Approach to Distinguishing Vulnerabilities, Security Hygiene, and Exploitable Issues

Strengthening the Fort: How Attack Surface Management Empowers Companies in Web Security, Mail Security, Credential Management, and Authentication

There are many "vulnerabilities" that don't need immediate fixing; best practices, security hygiene and many other priorities risk taking priority over other more important security factors. At River Security, we...
Read More about Strengthening the Fort: How Attack Surface Management Empowers Companies in Web Security, Mail Security, Credential Management, and Authentication

Protecting Your Data: Techniques for Securing Sensitive Information Online

Data has become the currency of our time and as such, it is crucial to ensure its security. Hackers can easily gain access to highly sensitive data through simple Google...
Read More about Protecting Your Data: Techniques for Securing Sensitive Information Online

Don’t Overlook Social Media Security: Protecting Your Brand

Social media has emerged as a significant yet often overlooked part of the attack surface for many businesses. Understanding where your brand is exposed online is crucial to safeguarding these...
Read More about Don’t Overlook Social Media Security: Protecting Your Brand