Home | Resources

Threat & Vulnerability Management

VerSprite Evolved Cybersecurity Consulting

Pasta Threat Modeling

PASTA Threat Modeling: 7 Stages for Simulating Cyber Attacks

VerSprite emulates realistic cyber attacks by a malicious actor using PASTA Threat Modeling (Process for Attack Simulation and Threat Analysis). Our risk-based threat modeling methodology consists of 7 stages for simulating cyber attacks and analyzing threats to the organization and application. This allows our pentesters, redteamers, and cybersecurity analysts to help your organization identify critical vulnerabilities and minimize real-world risks associated business impact.

Learn More →

Penetration Test

Blog Post

Penetration Testing Methodology

Penetration Testing Methodology: Emulating Realistic Attacks by a Malicious Actor

The foundation of VerSprite’s penetration testing service is based on emulating realistic attacks by a malicious actor through the use of PASTA (Process for Attack Simulation and Threat Analysis).

Learn more

RACI PASTA Diagram VerSprite

Blog Post

PASTA Threat Modeling RACI Diagram

RACI (Responsible – Accountable – Consulted – Informed) is a role distribution diagram used in PASTA threat modeling methodology. It helps companies adopt threat modeling, and leverage the roles within an organization and its InfoSec department. It is a clear visual to save your team time and resources.

Learn more

Age of Misinformation

Blog Post

Age of Misinformation

Second half of the 20th century saw the dawn of the information age. Now, at the beginning of 21st century, and especially with the proliferation of IoT devices and social media usage, we are seeing the dawn of misinformation.

Learn more

Retail Sector Attack Tree

Blog Post

retail sector attack tree

Major Threats to the Retail Industry

Our team does extensive work with the retail industry. To give back, we host a living attack tree, free to download. These resources are updated yearly with the most modern and impactful threats, attack surfaces, attack scenarios, and exploitable vulnerabilities our team sees.

Learn more

Defeating Ransomware starts at Detecting the Botnet Infection Earlier in the Cyber Kill Chain | VerSprite Cyber Security

Blog Post

Financial Industry security threats

Understanding Physical and Cyber Threats to the Financial Sector

As physical and cyber attacks increase against the financial industry, VerSprite’s Threat Intelligence Group has been tracking the patterns attackers leave. In this article, VerSprite breaks down the top methods, motives, and threat organizations the financial industry should be aware of.

Learn more

Defeating Ransomware starts at Detecting the Botnet Infection Earlier in the Cyber Kill Chain | VerSprite Cyber Security

Blog Post

botnet infection

Defeating Ransomware Starts at the Botnet

Ransomware attacks continue to increase but most teams can’t detect the threat in their network until they are too late in the cyber kill chain to stop it. VerSprite’s Threat Intelligence Director argues early botnet detection prevents ransomware attack more effectively and shows how VerSprite’s BreachSeeker tool can help catch botnet infections up to 42 days before ransomware strikes.

Learn more

Vietnam Government Hit by Software Supply Chain Attack Open Signsight 2020

Blog Post

vietnam government supply chain attack

Operation SignSight: Software Supply Chain Attack Hits Vietnamese Government

Vietnam’s government is the latest victim in a string of complex supply chain attacks. This attack targeted the VGCA using a backdoor trojan called PhantomNet. VerSprite’s Threat Intelligence team give a brief overview of the important details you need to know.

Learn more

Blog Post

Jetstream Router Backdoor

Ematic, Wavlink, Winstars, and Jetstream Wi-Fi Routers Have Hidden Backdoor

A web-accessible backdoor was found in affordable Wi-Fi routers sold at Walmart, eBay, and Amazon. In this article, VerSprite experts explore the backdoor vulnerability investigation and provide mitigation solutions.

Learn more

Blog Post

Threat Intelligence

Top 3 Motives Why Cybercriminals Attack Social Media According to 2020 Threat Trends

With an increase of 43% in social media fraud attacks since 2019, cybercriminals are looking for new ways to exploit platforms such as Twitter, Facebook, LinkedIn, and Instagram.

Learn more

We are an international squad of professionals working as one.

Email

[email protected]

logos