Introduction On Thursday, December 9th, the vulnerability CVE-2021-44228 known as “Log4shell” was made public, sending large companies such as Twitter, Amazon, Google, Cloudflare, and many others in a rush to patch it before any damage could be done. Not only are large companies affected, but many applications and servers utilizing [...]
Your first interaction with Obscurity Labs may come through an Incident Response engagement, a Web Application Test / Application Security Engagement, a Managed Detection and Response (MDR) contract, a Security Engineering / Consulting contract, or even a Software Supply Chain Security contract. Each of these services complements each other to form an overarching cybersecurity program. We work with our clients, preemptively if possible, to conduct risk assessments using the NIST Cybersecurity Framework. We typically use the CIS CSC and NIST SP 800-53 controls to help our customers achieve target profiles and mature at a rate commensurate with their organization’s culture, budget, and business objectives. These risk assessments can be performed as an independent consulting service or they can be tied directly into one of the aforementioned offerings.