General

by colinelacatena

Excellium Services and BitSight: which level of control do you have on your cybersecurity supply chain?

Contern – Luxembourg, 19th October 2021

Organizations are used to running mature processes to onboard a third party, through sourcing, procurement, or vendor management. However, such processes often do not cover the long-term perspective or controls for changes that may occur within their partners. Manual interactions with third parties are expensive and require staff who are focused on other concerns. Evaluation of the cybersecurity posture of third parties does not diverge from that trend. However, as a breach in a supplier’s Information System may have a huge impact on your own, how can you reconcile proper risk assessment and agility in an ever-growing interconnected world?


by colinelacatena

Access the potential of the cloud to enhance global security

With its Excellium360 for Office 365 & Azure offering, the BELUX cybersecurity specialist provides its customers with access to advanced security features, such as Microsoft’s SIEM “Sentinel” solution. Integrated with Excellium’s Security Operations Center, it enables the cybersecurity of IT environments deployed both on-premises and in the cloud to be reinforced.

by mathildeexlm

How to report a security issue in a standardized manner with Security.txt

The sushi syntax is incorrect

Our story begins on a Friday evening. An InfoSec guy places an order at an online sushi shop to take a romantic break with his sweetheart. He selects dishes and clicks on the “Checkout” button. However, instead of receiving the expected checkout page, he gets an SQL error page:

“You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near “Sushi”.”


by mathildeexlm

Password hashing: Be careful about what you hash!

Context of the hashing issue

During a web assessment, Excellium’s Intrusion & AppSec team audited a PHP application where users’ passwords were stored using the bcrypt hashing algorithm. As bcrypt (https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html) is still a valid and recommended algorithm to hash passwords, compromising passwords (https://github.com/danielmiessler/SecLists/tree/master/Passwords/Common-Credentials) should not be an easy task. However, sometimes the devil is in the details.

 


by mathildeexlm

2020: Throwback to the epic year of the webinar

2020 has been challenging for lots of companies trying to keep afloat despite all the sanitary restrictions. Being present and maintaining customer relationships was not an easy game, yet we did it. Through webinars, virtual events, magazine interviews, and so much more, at Excellium we made sure to be present and to maintain our yearly activities no matter how much we had to adapt.


by colinelacatena

Maxive Cybersecurity, one of the largest MSSP pure players!

The new holding company, Maxive Cybersecurity, will aggregate S21sec (Spain, Portugal, Mexico) and Excellium (Luxembourg, Belgium).

Certainly, Maxive Cybersecurity is one of the largest MSSP pure players both in terms of business and specialized personnel. It will offer its customers a wider set of services combining best practices and capabilities from both S21sec and Excellium.
