• Microsoft Launches Security Program For Azure IoT

    Tuesday, November 01, 2016, 10:06 AM | Praetorian coverage on DarkReading

    Microsoft has launched a new program for its Azure cloud platform to help business customers strengthen their security posture amid the rise of the Internet of Things. Security and privacy concerns are top of mind for IT pros as the IoT continues to grow within the enterprise. Many struggle to verify the security of their IoT infrastructure and may delay product implementation as they establish best practices.

    "In today's connected world, the perception of security risk alone, even if not realized, can still negatively impact consumer confidence necessary for new technologies to meet their full market potential," says Paul Jauregui, VP Marketing and IoT Business Lead at Praetorian. Praetorian, as a partner in the program, will review organizations' full IoT solutions while focusing on vulnerabilities. By helping them close security gaps, Praetorian and other partner companies will help Microsoft's business customers balance risk and time-to-market.

    "Solving and managing IoT security is going to take a village," says Jauregui.

    read more »

  • Praetorian Partners with Microsoft to Help Secure the Internet of Things

    Wednesday, October 26, 2016, 4:49 PM | Praetorian Newsroom

    Microsoft recognizes Praetorian as a "best-in-class" Internet of Things (IoT) global auditing partner and a founding member of its new Security Program for Azure IoT.

    Praetorian today announced a partnership with Microsoft, becoming one of its first global auditing partners under the new Security Program for Azure IoT. The new program brings together a curated set of best-in-class security auditors that Microsoft customers can choose from to perform security audits on their IoT solutions, find issues and provide recommendations. As a part of the Security Program for Azure IoT, Praetorian will deliver a holistic approach to security auditing by reviewing the entire solution, from chip to cloud, while prioritizing vulnerabilities so Microsoft’s enterprise customers can successfully balance risk with time-to-market pressures.

    read more »

  • IoT Security Is Not a Technological Challenge – It’s an Economic One

    Monday, October 17, 2016, 3:51 PM | Praetorian coverage on IoT World News

    A genuine enthusiasm for enabling and advancing a connected world can only be a positive for anyone working in the IoT sector. That's certainly the case for Paul Jauregui, who oversees all aspects of marketing, branding and communications at Praetorian, a collective of highly technical engineers and developers that provides a suite of security assessment and advisory services.

    His very obvious passion for the Internet of Things has led him to become acting business lead for Austin, Texas-based Praetorian's IoT security assessment and advisory services.

    read more »

  • Fast 50 2016: Austin’s fastest-growing companies unveiled

    Tuesday, August 30, 2016, 2:45 PM | Praetorian coverage on Austin Business Journal

    The results are in: Praetorian was included in the list of winners in Austin Business Journal's annual Fast 50 contest, which highlights the area companies that have grown rapidly in the past three years.

    The list is a valuable source of info for sales people, job seekers, executives trying to keep and eye on the competition and those just wondering who's doing the most business in Austin's booming economy.

    read more »

  • Praetorian Named to Inc. 5000 List for 3rd Year Running

    Monday, August 22, 2016, 3:25 PM | Praetorian Newsroom

    Inc. magazine today ranked Praetorian, a leading information security assessment and advisory services firm, on its 35th annual Inc. 5000, the most prestigious ranking of the nation's fastest-growing private companies. The list represents a unique look at the most successful companies within the American economy’s most dynamic segment— its independent small businesses. Companies such as Microsoft, Dell, Domino’s Pizza, Pandora, Timberland, LinkedIn, Yelp, Zillow, and many other well-known names gained their first national exposure as honorees of the Inc. 5000.

    read more »

  • Software exploits overrated - it’s the humans you need to be watching

    Monday, August 22, 2016, 3:01 PM | Praetorian coverage on The Register

    Weak passwords and phishing offer far easier mechanisms for breaking into most organizations than exploiting software vulnerabilities.

    A study by US cybersecurity firm Praetorian based on 100 penetration tests and 450 real-world attacks discovered that stolen credentials offer the best way into enterprise networks.

    Ninety-seven per cent of organizations have more than one root cause of compromise. The practical upshot of the report is that there should be more focus on guarding against stolen credentials and network segmentation as defenses, rather than playing "whack-a-mole" with software vulnerabilities.

    Hackers most commonly use stolen credentials, often first obtained through phishing or other social engineering, to break into targeted networks and (eventually) gain access to sensitive resources, sometimes as part of a multi-stage process.

    read more »

  • Attackers don’t need vulnerabilities when the basics work just as well

    Monday, August 22, 2016, 2:36 PM | Praetorian coverage on CSO Online

    You might not know it based on the hype and marketing dedicated to APTs and vulnerabilities, but most criminals don't need to target software or use fancy tactics to ruin a network and compromise sensitive data.

    Josh Abraham, a practice manager for Praetorian, recently compiled a report on common attack vectors used during 100 pen test engagements at 75 different organizations between 2013 and 2016.

    "We compiled this paper to detail the top internal attacks we used over the past three years that resulted in Praetorian achieving its objectives. Common objectives include achieving a sitewide compromise and/or access to sensitive information the client requested we gain access to."

    read more »

  • Attacker’s Playbook Top 5 Is High On Passwords, Low On Malware

    Thursday, August 18, 2016, 2:43 PM | Praetorian coverage on Darkreading

    Playing whack-a-mole with software vulnerabilities should not be top of security pros' priority list because exploiting software doesn't even rank among the top five plays in the attacker's playbook, according to a new report from Praetorian.

    Organizations would be far better served by improving credential management and network segmentation, according to researchers there.

    Over the course of 100 internal penetration tests, Praetorian pen testers successfully compromised many organizations using the same kinds of attacks. The most common of these "root causes" though, were not zero-days or malware at all.

    read more »

  • Mobile Forensics CEO Proposes Controversial Access Tech for Smartphones

    Tuesday, April 19, 2016, 12:02 PM | Praetorian coverage on IEEE Spectrum

    Dylan Ayrey, a security engineer with the information security company Praetorian, points out that an iPhone’s lock screen is only the first barrier to its contents. WhatsApp recently announced that it would use end-to-end encryption for all its messaging services.

    “Encryption is here whether we want it to be or not,” he says. “The landscape has changed forever, mostly for the better, and these types of proposals can't gain traction.”

    However just last week, two U.S. senators introduced legislation to require tech companies to unlock phones and provide other “technical assistance” to government officials with a court order.

    Mislan at Rochester Institute of Technology points out that as CEO of one of the world’s leading mobile forensics companies, Bollö would be uniquely positioned to profit from any software designed to execute FACT. Bollö insists that his competitors could do the same and says he is focused on developing a new industry standard rather than a software sales pitch.

    "Of course, we could develop this stuff and we'd be happy to do that but I'm not trying to push that,” Bollö says. “I'm trying to say, ‘Here's a solution that could work for everyone.’"

    Rather than require companies to install a key, Praetorian’s Ayrey thinks the best solution is for mobile forensics companies such as MSAB and Praetorian to continue doing what they have been doing all along—finding vulnerabilities in each new device or operating system that is released, and exploiting those holes on behalf of clients until an update renders them obsolete.

    For consumers, Mislan has an even simpler strategy. “For me, it boils down to: If you really want to protect something, don't put it on your phone,” he says.

    read more »

  • 5 Ways Cyber Experts Think the FBI Might Have Hacked the San Bernardino iPhone

    Tuesday, April 05, 2016, 12:02 PM | Praetorian coverage on IEEE Spectrum

    With the software rejiggered, the FBI could launch a traditional “brute force” attack, employing a software program to rapidly try password combinations until it arrived at the correct one. Since Farook’s iPhone 5C used a four-digit passcode, a program could run through every one of the 10,000 possible password combinations in a matter of minutes.

    “That brute force technology isn't very sophisticated,” says Dylan Ayrey, a security engineer with the information security company Praetorian. “You could go on Ebay right now and purchase ways to brute force older versions of the iPhone.”

    read more »

  • 3 big IoT security fears, and how developers can tackle them

    Thursday, March 31, 2016, 12:05 PM | Praetorian coverage on TechBeacon

    Elvis Collado, a security research at cybersecurity provider Praetorian, also worries about attackers rewriting firmware code and installing it on an IoT device, saying “The attack vector varies from device to device, but improper key handling or firmware validation puts a great number of IoT devices at risk. If an attacker can program a backdoor into a device, whether it be remote or local, then it's game over.”

    From Blaster to Heartbleed, it’s clear that the tech industry often acts on security only after a major problem becomes evident. What all four of the above experts agree on is that you shouldn’t expect “them” to fix a problem before it happens.

    “Builders make the best breakers,” Collado believes. “At Praetorian, we’re all developers and engineers. We just happen to focus on security. If you're a developer, try breaking your code from a non-QA perspective. Can you cause information to be leaked? Can you cause memory corruption? Do you have test code that was compiled into production that can be potentially abused? Can users access hardware debug interfaces in situations when they're not supposed to? This type of mentality shift will greatly improve the quality of your code from a security perspective.”

    read more »

  • Praetorian Announces End-to-end Internet of Things Security Testing Services

    Tuesday, October 27, 2015, 7:09 AM | Praetorian Newsroom

    New Internet of Things (IoT) security testing and assurance services designed to help today’s leading manufacturers deliver and deploy secure connected products to the market.

    Praetorian today announced expanded security testing and assurance services that cover end-to-end Internet of Things (IoT) product ecosystems. Praetorian’s Internet of Things security services take a holistic approach to security testing by reviewing the entire product ecosystem, from chip to code, while prioritizing vulnerabilities so connected product teams can successfully balance risk with time-to-market pressures.

    “In today’s connected world, the perception of security risk alone, even if not realized, can still negatively impact consumer confidence necessary for new technologies to meet their full market potential,” said Paul Jauregui, Vice President of Marketing at Praetorian. “Recent, high-profile data breaches have heightened consumers’ awareness of data security and privacy issues. As a result, consumer adoption may suffer until vendors can adequately address security and privacy concerns,” he added.

    read more »

  • Will sanctions deter China from engaging in cyber warfare?

    Wednesday, September 23, 2015, 5:58 PM | Praetorian coverage on Fortune Magazine

    Embargos and sanctions such as these could be the new norm in dealing with cyber warfare threats—especially since companies have no real teeth to fight back.

    “It has become painfully clear that even the largest corporations are incapable of preventing state sponsored cyber attacks on their own,” says Nathan Sportsman, CEO of the Praetorian, which provides security assessment and advisory services.

    For instance, corporations can’t exactly “hack back” against state-based incursions. The response would have to come from the U.S. government, Sportsman says. “While economic sanctions should not be considered a panacea, U.S. sanctions will provide a partial deterrence to the rampant cyber attacks that we are currently experiencing,” he says.

    read more »

  • Austin-based security firm says the world needs more smart hackers

    Thursday, September 17, 2015, 7:21 AM | Praetorian Newsroom

    As cybersecurity job market suffers severe workforce shortage, a leading information security firm engages next-generation talent face-to-face to address skills gap.

    The University of Texas at Austin welcomed two new adjunct professors to the department of computer science this fall. Nathan Sportsman and Chris Prosise, of Austin-based cybersecurity company Praetorian, have joined the university to teach the newly created CS 378 Ethical Hacking course. The two industry veterans are joining the talented and diverse group of professors as part of the computer science department’s expanded commitment to security as part of the degree curriculum. The class will provide students with a practical, hands-on opportunity to learn real-world security.

    read more »

  • Praetorian Named to Inc. 5000 List for Second Consecutive Year

    Tuesday, August 18, 2015, 3:19 PM | Praetorian Newsroom

    Praetorian, an information security provider dedicated to helping organizations achieve risk-management success, has been honored by Inc. Magazine's 34th annual Inc. 5000, an exclusive ranking of the nation's fastest-growing private companies. The list represents the most comprehensive look at the most important segment of the economy—America’s independent entrepreneurs.

    read more »

  • Security firm Praetorian outfitted a drone with custom hardware to learn how many connected devices

    Wednesday, August 05, 2015, 4:35 PM | Praetorian coverage on Fortune Magazine

    Security firm Praetorian outfitted a drone with custom hardware to learn how many connected devices are being used in Austin, TX.

    Given the explosion of connected devices, also known as the Internet-of-things, it’s natural that people would want to know just how many such devices are out there.

    But how do you go about figuring out just how many of these devices—like thermometers or light bulbs hooked to the Internet—are being used in a given city? The answer is apparently to enlist the services of a drone that can fly above the city proper and gather tons of data pertaining to the connected gadgets and appliances.

    A team of researchers at security company Praetorian wanted to discover how many IOT-friendly devices were being used in Austin, TX, and found that the best way to do so would be to outfit a drone with the company’s custom built connected-device tracking appliance and have it fly over the city, Praetorian vice president of marketing Paul Jauregui told Fortune.

    read more »

  • ‘Use 1 capital’ password prompts make them too predictable – study

    Monday, April 27, 2015, 4:24 PM | Praetorian coverage on The Register

    A new study has found that password structure is a key flaw in making login IDs hard to guess.

    Security firm Praetorian analyzed 34 million stolen passwords from the LinkedIn, eHarmony and Rockyou breaches and found that 50 per cent of all passwords followed 13 basic structures. This lack of entropy makes it possible to use statistical analysis to make cracking faster and more effective.

    A key part of the problem is with the websites themselves, as they don’t go far enough in prompting user security. Just requiring one upper case letter or number is not good enough when too many users go for the same password structure, as Praetorian explains.

    read more »

  • Global Business May Still be Vulnerable to Heartbleed

    Tuesday, April 14, 2015, 12:56 PM | Praetorian coverage on CNBC

    Cybercriminals can still exploit the vulnerability to gain usernames and passwords as well as sensitive business and financial data. "Heartbleed is still prevalent," said Josh Abraham, vice president of services at Austin Texas- headquartered Praetorian, a cybersecurity company that helps organizations minimize risk. Heartbleed affects OpenSSL, a software which allows websites to communicate information securely over the Internet.

    read more »

  • Warning: Your smart TV may be spying on you

    Monday, February 09, 2015, 2:19 PM | Praetorian coverage on MarketWatch

    Samsung Electronics says its SmartTV is programmed to pick up surrounding voices as it scans airwaves for commands. Data is collected and transmitted to a third-party vendor that converts speech to text.

    “Please be aware,” Samsung warns in its privacy policy, “that if your spoken words include personal or other sensitive information, that information will be among the data captured and transmitted to a third party through your use of voice recognition.”

    A recent study points to a “clear connection” between consumer perception regarding the safety of their data and the commercial success of products, said Paul Jauregui, VP of cyber-security and risk consulting company Praetorian. In the study, 80% of consumers said they’re more likely to purchase from companies they believe do a better job of protecting their information.

    “It’s getting to a point where it’s going to influence buying decisions,” he said.

    read more »

  • Traffic Lights are Dangerously Easy to Hack

    Thursday, August 21, 2014, 10:19 AM | Praetorian coverage on CNN Money

    Econolite's traffic lights are used in 100,000 U.S. and Canadian intersections, although it's unclear if all of those systems are susceptible to hacking.

    The problem extends beyond just Econolite -- the U.S. traffic light communications standard, called "NTCIP 1202," is present in all modern signal systems. They can all be hacked if cities don't change their default settings.

    Researchers said that the lights can be made much more difficult to hack with little effort: Guard the network. Cities that install the traffic control systems can enable encryption and set passwords for their networks -- both options are available on the Econolite systems. It's as simple as clicking on a box on the device's screen.

    But that isn't likely to happen anytime soon. Local governments are cash-strapped and aren't easily convinced they must manually update every signal controller, said Adam Pridgen, a security consultant at Praetorian.

    read more »

  • Praetorian Included on 2014 INC. 500 | 5000

    Wednesday, August 20, 2014, 3:47 PM | Praetorian Newsroom

    Praetorian, an information security provider dedicated to helping organizations achieve risk-management success, has been honored by Inc. Magazine's 33rd annual Inc. 500 | 5000, an exclusive ranking of the nation's fastest-growing private companies. The list represents the most comprehensive look at the most important segment of the economy—America’s independent entrepreneurs. Companies such as Yelp, Pandora, Timberland, Dell, Domino’s Pizza, LinkedIn, Zillow, and many other well-known names gained early exposure as members of the Inc. 500|5000.

    read more »

  • Praetorian Achieves Significant Momentum in Enterprise Security Consulting

    Friday, April 25, 2014, 8:59 AM | Praetorian Newsroom

    Recognized as one of the “20 Most Promising Enterprise Security Consulting Companies,” Praetorian rises above the rest in an evolving security market.

    AUSTIN, Texas – April 25, 2014 – Praetorian, a leading information security provider, was named one of this year’s “20 Most Promising Enterprise Security Consulting Companies” by CIO Review Magazine. A distinguished panel comprising CIOs and CEOs of public companies, industry analysts and the CIO Review editorial board finalized the selection earlier this year. The annual listing represents not only the leading high-value enterprise security consulting companies in the U.S. but also recognizes companies impacting the information technology marketplace.

    read more »

  • ‘Heartbleed’ Bug: What Can You Do to Protect Your Data?

    Wednesday, April 09, 2014, 2:02 PM | Praetorian coverage on NBC News

    "You can run to update your password everywhere, but it won't do any good on the sites that haven't pushed out a fix yet," Josh Abraham, director of professional services for security firm Praetorian, told NBCNews.

    Companies including Google, Amazon, Yahoo, Tumblr and Facebook said they have investigated the issue and are working to update their sites. But the fix could be slower for small businesses who use OpenSSL -- and entering a new password into a potentially compromised site could do more harm than help.

    read more »

  • Apple Issues Fix for Security Risk

    Sunday, February 23, 2014, 1:23 PM | Praetorian coverage on CNN Money

    Without the patch, a hacker could be what experts call a man-in-the-middle -- it's like a game of Telephone you don't even know you're playing.

    "Alice wants to communicate securely with Bob," explained Nathan Sportsman, a mobile security expert and CEO of Praetorian. But Eve, a hacker, uses this vulnerability to put herself between the two. "Now Alice is talking to Eve and Eve is talking to Bob," he explained. Alice and Bob think they're talking to each other privately.

    This lets hackers view the communications, such as bank deposits or Facebook (FB, Fortune 500) posts. If they intercept a username and password, the hacker could return to your account later and cause more damage, Sportsman said.

    read more »

  • Crypto weaknesses in WhatsApp “the kind of stuff the NSA would love”

    Friday, February 21, 2014, 1:43 PM | Praetorian coverage on Ars Technica

    WhatsApp, the mobile messaging app developer that Facebook is acquiring for $19 billion, may be an attractive addition to the social network, thanks to WhatsApp's 450 million active users and en vogue status. It may also be attractive to government spies and criminal hackers, thanks to several weaknesses in the encryption WhatsApp uses to protect messages from eavesdropping, researchers say.

    Among the most serious problems with WhatsApp's implementation of secure sockets layer (SSL) encryption is its support of version 2 of the protocol, according to a blog post published Thursday by a researcher from security consultancy Praetorian. That version is susceptible to several well-known attacks that allow people monitoring a connection between the two end points to decipher and in some cases manipulate the traffic as it passes through.

    read more »

  • Researchers Find SSL Problems in WhatsApp

    Friday, February 21, 2014, 1:40 PM | Praetorian coverage on ThreatPost

    Security researchers at Praetorian, who have been running a project known as Project Neptune to assess the security of mobile apps, did a limited assessment of the iOS and Android versions of WhatsApp and discovered a number of issues around the way the app uses SSL.

    “Within minutes, Project Neptune picked up on several SSL-related security issues affecting the confidentiality of WhatsApp user data that passes in transit to back-end servers. This is the kind of stuff the NSA would love. It basically allows them—or an attacker—to man-in-the-middle the connection and then downgrade the encryption so they can break it and sniff the traffic. These security issues put WhatsApp user information and communications at risk,” Paul Jauregui of Praetorian wrote in an explanation of their test.

    read more »

  • WhatsApp Comes Under New Scrutiny For Privacy Policy, Encryption Gaffs

    Friday, February 21, 2014, 9:29 AM | Praetorian coverage on Forbes

    On Thursday, researcher Paul Jauregui of the security firm Praetorian outlined a series of oversights in how WhatsApp ensures the encryption of its users’ communications, the latest in a series of concerns raised over the degree to which the company protects its 450 million users’ privacy from hackers, spies and now its new owners at Facebook.

    read more »

  • Weak Security In Most Mobile Banking Apps

    Thursday, December 12, 2013, 1:24 PM | Praetorian coverage on Dark Reading

    Security experts this month tested 275 Apple iOS- and Android-based mobile banking apps from 50 major financial institutions, 50 large regional banks, and 50 large U.S. credit unions. Overall, they found that eight out of 10 apps were improperly configured and not built using best practices software development. Among the big-name banks whose mobile apps were tested by security firm Praetorian include Bank of America, Citigroup, Wells Fargo, Goldman Sachs, Morgan Stanley, Capital One Financial, and Suntrust Banks. Praetorian did not disclose how each bank's apps fared in the tests.

    Nathan Sportsman, founder and CEO of Praetorian, says the security weaknesses in the mobile banking apps he and his team tested are not pure software vulnerabilities, so they are relatively low-risk issues that could ultimately lead to exploitation.

    read more »

  • Research Shows 8 out of 10 Mobile Banking Apps Contain Security Weaknesses

    Thursday, December 12, 2013, 6:50 AM | Praetorian Newsroom

    Praetorian released a study that explores challenges faced by today’s megabanks, regional banks, and credit unions while building and maintaining secure mobile banking apps. Praetorian has identified build and configuration weaknesses in the overwhelming majority of mobile banking apps available on the App Store and Google Marketplace. While cursory, the results of the analysis indicate a need for continued improvement in mobile application security as the critical underpinnings of society become increasingly dependent on mobile technology.

    read more »

  • Praetorian Launches Cloud-based Password Cracking Service

    Thursday, August 01, 2013, 2:32 PM | Praetorian coverage on SecurityWeek

    Praetorian, an Austin, Texas-based provider of information security solutions, has launched a new cloud-based platform that leverages the computing power of Amazon AWS in order to crack password hashes in a simple fashion.

    Online at PWAudit.com, the service provides organizations with reports that measure password strength and policy effectiveness to identify potential risks stemming from weak passwords.

    read more »

  • Praetorian Offers Free Access to New Cloud-based Password Cracking Service with GPU Support

    Wednesday, July 31, 2013, 8:00 AM | Praetorian Newsroom

    Praetorian, a leading information security provider, has announced the launch of PWAudit.com, a new cloud-based password auditing platform. Building on years of experience, Praetorian has designed a scalable, on-demand, cost-effective, and secure solution leveraging the elastic computing resources of Amazon AWS. Coupled with advanced reporting, organizations can finally measure password complexity and policy effectiveness to illuminate potential exposures due to weak passwords.

    read more »

  • Anthony Marquez Joins Praetorian’s Growing Team of Information Security Professionals

    Tuesday, January 22, 2013, 4:05 PM | Praetorian Newsroom

    Praetorian is excited to welcome Anthony Marquez to its growing team of information security professionals. As a member of the technical execution team, Anthony will be responsible for client-facing engagements under Praetorian’s tactical and strategic service offerings.

    Prior to joining Praetorian, Anthony worked at Lawrence Livermore National Labs (LLNL) where he was a key contributor to several projects that emphasized the lab’s mission of strengthening national security. During his time at LLNL, Anthony was able to work with an array of technologies including ultra-wideband radar systems, various biometric sensors, and mobile application development.

    read more »

  • Praetorian is Platinum Sponsor for Austin ISSA’s Charlie Miller iOS Security Event

    Tuesday, October 30, 2012, 4:18 PM | Praetorian Newsroom

    Praetorian is excited to be a platinum sponsor for the upcoming ISSA Chapter Meeting on Wednesday, November 7 from 11:00am to 3:00pm at St. Edwards Professional Education Center. The event will feature the famous/infamous security researcher Charlie Miller.

    Charlie Miller is currently on the Product Security Team at Twitter. Previously he was a security consultant with various firms, and also spent five years working for the National Security Agency. A four time winner of the CanSecWest Pwn2Own competition, he was the first with a public remote exploit for both the iPhone and the G1 Android phone. In 2011, he found a security hole in an iPhone’s or iPad’s security, whereby an application can contact a remote computer to download new unapproved software that can execute any command that could steal personal data or use iOS application functions for malicious purposes. As a proof of concept, Miller created an application called Instastock that got approved by Apple’s App Store. He then informed Apple about the security hole, who then promptly expelled him from the App Store.  He has hacked batteries, Second Life, and iOS codesigning.  Charlie has authored three information security books and holds a Ph.D. in mathematics from the University of Notre Dame.

    read more »

  • Praetorian sponsors 2012 Boston Application Security Conference (BASC)

    Tuesday, October 09, 2012, 3:12 PM | Praetorian Newsroom

    Praetorian is excited to sponsor and attend the upcoming 2012 Boston Application Security Conference (BASC). The Boston Application Security Conference (BASC) will be held Saturday, Oct. 13,  from 10 a.m. – 6:30 p.m. at Microsoft’s New England Research & Development Center at One Memorial Drive, Cambridge. Admission to the BASC is free but registration is required for breakfast, lunch, and the evening social time.

    read more »

  • Praetorian Partners with ITT Exelis in Support of Rapid Cyber Development for the U.S. Air Force

    Wednesday, August 01, 2012, 4:15 PM | Praetorian Newsroom

    Praetorian, an industry-leading information security service provider and cyber research firm, announced it is partnering with ITT Exelis (NYSE: XLS) as part of the Agile Cyber Technologies (ACT) indefinite delivery, indefinite quantity contract issued by the U.S. Air Force Research Laboratory (AFRL). The award has a potential value of up to $300 million over the life of the five-year task order-based contract.

    read more »

  • Praetorian Launches New Corporate Website

    Thursday, April 26, 2012, 10:00 AM | Praetorian Newsroom

    Praetorian, an industry-leading information security service provider, has just launched a major recruiting initiative that comprises both a comprehensive overhaul to its corporate website at www.praetorian.com and a company-wide effort aimed at attracting talented job applicants. “An overhaul to our website was needed to reflect where we are as a company,” comments Praetorian’s CEO Nathan Sportsman. “The new site is a more accurate portrayal of Praetorian.” The goal of this initiative is to find the very best candidates to fill numerous information security job openings.

    read more »

  • Praetorian Sponsors University of Texas ComSoc Hackathon

    Saturday, April 14, 2012, 10:23 AM | Praetorian Newsroom

    Praetorian proudly sponsored the first annual Hack-A-Thon, organized and hosted by The University of Texas chapter of IEEE Communications Society (ComSoc). ComSoc is an entirely student-led and student-organized group that promotes information security education on the UT campus. ComSoc holds regular student-led lectures on both offensive and defensive security techniques, with the goal of spreading knowledge and awareness of computer security issues to the students of UT’s ECE and CS departments.

    read more »

  • Praetorian Welcomes Josh Abraham to Its Growing Team

    Monday, March 26, 2012, 1:58 PM | Praetorian Newsroom

    Praetorian today announced that it has appointed Josh Abraham as Director of Professional Services. Josh most recently served in technical roles at Rapid7 and Hasbro Corporation. In his new role at Praetorian, he will be a key member of the technical execution team. In this capacity, he is responsible for leading, directing and executing client-facing engagements that include Praetorian’s tactical and strategic service offerings.

    read more »

  • Android: The Most Secure Mobile Platform @ Honeynet Workshop

    Monday, March 19, 2012, 6:11 PM | Praetorian Newsroom

    Is Android’s open mobile platform more secure than others? At the 2012 Honeynet Project Security Workshop, Praetorian’s Ryan W. Smith will share his belief that Android’s openness provides opportunities for attackers and defenders alike, and it’s time for defenders to regain the upper ground by leveraging this openness.

    read more »

  • InformationWeek and Dark Reading Security Virtual Event

    Friday, January 27, 2012, 7:08 PM | Praetorian Newsroom

    Praetorian’s VP of Research and Development, Ryan W. Smith, will join other security professionals on the Getting the Most From Third-Party Security Auditors and Penetration Testers panel at the Clouds, Outsourcing & Security Services event sponsored by InformationWeek & Dark Reading on February 15th, 2012.

    read more »

  • Praetorian Welcomes Its Newest Team Member, Matt Starolis

    Friday, January 06, 2012, 7:10 PM | Praetorian Newsroom

    Praetorian is excited to announce that Matt Starolis has joined our ranks. Matt will be responsible for driving Praetorian’s strategic growth and rapid expansion of the client base, partnerships, and revenue. Prior to joining Praetorian, Matt spent five years at National Instruments as a District Sales Manager covering Northern California’s Silicon Valley area. His client accounts ranged from Fortune 500 companies to startups in the energy, semiconductor, and medical device sectors. Key accounts included Lockheed Martin, NASA-Ames Research Center, Space Systems/Loral, and BAE.

    read more »

  • Ryan W. Smith to Present on STAAF at HICSS 2012

    Thursday, December 22, 2011, 9:41 PM | Praetorian Newsroom

    Praetorian’s VP of Engineering, Ryan W Smith, is presenting on STAAF (Scaling Android Application Analysis with a Modular Framework) at HICSS 2012. Mr. Smith’s research paper on STAAF has officially been nominated for the conference’s Best Paper award. For more information, visit the HICSS website.

  • “The Dragon is Awakening” voted Best Presentation of the Year

    Thursday, December 15, 2011, 10:10 PM | Praetorian Newsroom

    Last month, Nathan Sportsman presented on the dramatic escalation of State sponsored espionage to a full-house during ISSA Austin’s November meeting. The presentation attracted record attendance-levels and was recently voted “Best Presentation of the Year” by ISSA members. An updated video version of the presentation will soon be available online - Stay tuned.

  • Nathan Sportsman to Present at Austin ISSA Meeting on Nov 17, 2011

    Monday, November 14, 2011, 10:21 PM | Praetorian Newsroom

    Praetorian CEO, Nathan Sportsman, is delivering a presentation called “The Dragon is Awakening” to ISSA in Austin, TX on November 17, 2011. The presentation will illustrate how State sponsored espionage has dramatically escalated over the years [China in particular], while explaining how non-conventional solutions are required to combat the growing problem (register to attend).

  • Praetorian to Host Annual Security Vault Dinner in Austin, TX

    Thursday, October 20, 2011, 11:20 PM | Praetorian Newsroom

    A group of leading Information Security Executives will gather in Austin, TX on Thursday October 27th to explore top-of-mind security challenges, opportunities and recent successes within their industries. The dinner will be held in Perry’s private vault dinning room, which is a converted bank vault complete with an 18-inch steel bank vault door. The annual Security Vault Dinner falls on the eve of LASCON, a premier gathering of Information Security leaders and web application developers in Texas.

  • Ryan W Smith Presents STAAF at OWASP Austin Meeting

    Tuesday, September 27, 2011, 11:21 PM | Praetorian Newsroom

    Ryan W Smith presented STAAF, the framework for scalable and shareable Android app analysis, to OWASP Austin today (9/27/2011). In his STAAF Presentation, Ryan covered the framework’s architecture, current status and available implementations - as well as a quick demo with a handful of applications.

  • Daniel Herrera Selected to Present at LASCON 2011 in Austin, TX

    Wednesday, September 21, 2011, 11:32 PM | Praetorian Newsroom

    Praetorian’s newest team member, Daniel Herrera, has been selected to present at this years LASCON 2011 Conference in Austin, TX on Oct 28th. In his LASCON presentation, Daniel will focus on common obfuscation techniques identified in the wild that function in all modern browsers. The talk is targeted at a technical audience and each technique will be explained with functional examples demonstrating how and why a particular obfuscated method works.

  • Daniel Herrera Joins Praetorian

    Monday, August 01, 2011, 11:30 PM | Praetorian Newsroom

    Praetorian is excited to announce that Daniel Herrera has joined our ranks. Prior to joining Praetorian, Daniel worked as a security engineer at SecTheory and WhiteHat Security where he specialized in application penetration testing.

    Mr Herrera has extensive security experience in web related technologies and is a contributing member of the Web Application Security Consortium (WASC). He participated in several projects and has authored content for the WASC Threat Classification v2.0. An avid researcher, his recent analysis and security discoveries in Palm WebOS were reported on by several news outlets including Information Week and Dark Reading

    At Praetorian, Daniel will continue research and development of advanced attack techniques against emerging technologies.

  • Agile Austin Meeting: Building Security into the Next Iteration

    Tuesday, July 12, 2011, 12:03 AM | Praetorian Newsroom

    Praetorian’s Matt Tesauro, OWASP Board Member and WTE Project Lead, to speak at Agile Austin’s July 12th meeting. Using the OWASP Web Test Environment (WTE), he will showcase best practices and demonstrate secure methods for designing and testing your software for ruggedness.

  • Matt Tesauro Joins Security Panel at Austin SecureSDLC

    Tuesday, June 14, 2011, 12:05 AM | Praetorian Newsroom

    Praetorian’s Vice President of Services, Matt Tesauro, will join Michael Howard (Microsoft), Mano Paul, and Wendy Nather (451 Group) on the security panel at Austin SecureSDLC on June 14th.

  • Ryan W Smith Speaks on Mobile Application Privacy

    Wednesday, May 18, 2011, 12:05 AM | Praetorian Newsroom

    Ryan W. Smith, Praetorian and Tyler Shields, Veracode deliver a highly anticipated webinar that looks under the hood of a huge selection of Android applications and provides a quantitative examination of the application security posture of today’s mobile application space.

  • Nathan Sportsman Contributes to NIST SP 800-53 Rev 4

    Friday, April 29, 2011, 12:06 AM | Praetorian Newsroom

    Nathan Sportsman has provided feedback on the next release of NIST special publication 800-53. Proposed changes focused on software assurance and its related controls. The Join Task Force is expected to incorporate contributions later this year.

  • Ryan W Smith has been Accepted as a Google Summer of Code (GSoC) Mentor

    Monday, April 11, 2011, 12:08 AM | Praetorian Newsroom

    Ryan Smith will be the primary mentor for a proposed Android Static Malware Analysis project and a secondary mentor on another related Android Dynamic Malware Analysis project. Praetorian is proud to support Ryan’s continued work through The Honeynet Project during this year’s Google Summer of Code where he will be mentoring a college student through a new project in mobile security.

  • Adam Pridgen selected as a National Physical Science Consortium Fellow

    Tuesday, March 22, 2011, 12:09 AM | Praetorian Newsroom

    The Praetorian Team is proud to announce that Adam Pridgen has been selected as a National Physical Science Consortium (NPSC) Fellow.  The NPSC awards fellowships to outstanding students who are pursuing degrees in Sciences, Technology, Engineering and Mathematics fields and who have shown promise with their past achievements and current academic standings.

  • Nathan Sportsman Quoted on Foxnews.com

    Thursday, March 03, 2011, 11:10 PM | Praetorian Newsroom

    Nathan Sportsman was quoted in a foxnews article regarding the manipulation of popular search terms to index and return malicious sites in an attempt to distribute malware to unsuspecting users.

  • Ryan W Smith Prepares for Honeynet Summit in Paris

    Wednesday, March 02, 2011, 11:10 PM | Praetorian Newsroom

    Ryan W Smith has been invited to speak at the Honeynet Summit held in Paris from March 21st to the 25th where he will discuss his latest mobile malware research with the community.

  • Matt Tesauro Gives SC World Congress Keynote

    Monday, February 21, 2011, 11:11 PM | Praetorian Newsroom

    Matt Tesauro set to give the keynote “Why do vulnerabilities in web apps still linger?” at the SC World Congress eSymposium on February 24, 2011 @ 11:30 CST. The webinar is free and event registration can be done here.

  • Matt Tesauro Interviewed by InfoQ

    Sunday, February 13, 2011, 11:10 PM | Praetorian Newsroom

    InfoQ caught up with WTE project lead Matt Tesauro to learn more about the background, current state, various tools it supports and the future road map of the project.

  • Matt Tesauro Releases New OWASP Live CD

    Friday, February 04, 2011, 11:12 PM | Praetorian Newsroom

    The most exciting release since its inception! The main goal of the OWASP Live CD, recoined the Web Testing Environment (WTE) project, which is a part of The Open Web Application Security Project (OWASP) organization, is to make application security tools and documentation available to the application developers and QA testers so the security is built into every aspect of the software development life cycle.

  • Adam Pridgen Volunteers for KIPP Outreach Program

    Thursday, January 27, 2011, 11:13 PM | Praetorian Newsroom

    Today Adam Pridgen participated in Science, Engineering, Technology, and Mathematics Day at KIPP Academy Middle School in Southwest Houston. “KIPP, the Knowledge Is Power Program, is on a mission to develop in under served students the academic skills, intellectual habits, and qualities of character necessary to succeed at all levels of pre-kindergarten through 12th grade, college, and the competitive world beyond.

    This is the first year professionals and graduate students were invited to participate in the event, which lasts all day.  Adam learned of the opportunity through a posting at Rice, and as part of Praetorian’s Outreach Initiatives, he volunteered to speak with sixth graders about computer engineering and computer science.  During this event, Adam spent time with sixth graders to talk about what it means to be a computer engineer and computer scientist and the impact these professions will have on the future.

  • Ryan W Smith Founds Texas-Based Honey Project Chapter

    Wednesday, January 12, 2011, 11:13 PM | Praetorian Newsroom

    As a show of support for high quality open source and collaborative research, Praetorian’s own Ryan W Smith has founded a Texas-based Honeynet Project chapter, The RoT-1 Honeynet Project. Ryan is no stranger to The Honeynet Project. He was an active member of The University of Texas Honeynet Project from 2002-2008 and has spoken on the topic to numerous professional security organizations and government agencies throughout Texas.

    Many of the other members of the new RoT-1 chapter have also been involved with the Honeynet Project previously including Praetorian’s Adam Pridgen, who was also active in The University of Texas Honeynet Project. With such a seasoned and capable member list, the project is expected to hit the ground running and quickly become one of the most active chapters in the project and the project’s ambassadors to Texas and the surrounding region.

    Praetorian is proud to support Ryan and Adam in their involvement with the RoT-1 Honeynet Project Chapter, and their mission “to learn the tools, tactics and motives involved in computer and network attacks, and share the lessons learned.”

  • Greg Genung Joins Praetorian

    Sunday, January 02, 2011, 11:15 PM | Praetorian Newsroom

    Praetorian is excited to announce Greg Genung has joined our team. As Vice President of Sales, Greg is responsible for Praetorian’s market expansion and growth. Greg will be closely involved with the leadership team to grow the consulting, research, and products practices. Over the last five years, Greg has built strong relationships with CIO’s and CISO’s in both the public and private sector. His efforts have helped his clients achieve secure, rugged, and resilient enterprise software.

    Prior to joining Praetorian, Greg was a Business Development Manager for the Denim Group, Ltd. where he led significant sales growth in public Sector and Fortune 500 Market-Entry. His background and experience includes sales, marketing, and brand awareness for new information security service and product segments. Greg currently serves on the Austin OWASP Chapter Board, has served on Austin’s ISSA Board since 2008, and also served on the TASSCC TAG Board as Education Director in 2010. Greg is a graduate of Trinity University in San Antonio, Texas.

  • Matt Tesauro Gives Keynote @ OWASP LASCON

    Friday, October 29, 2010, 12:16 AM | Praetorian Newsroom

    Matt Tesauro delivered the keynote “Why does bad software happen to good people?” at OWASP’s Lonestar Security Conference. His presentation showed the pervasiveness of software in modern society, demonstrated the implications poorly written software can have, and provided suggestions for a way forward.

  • Matt Tesauro Joins Praetorian

    Monday, October 18, 2010, 12:16 AM | Praetorian Newsroom

    Praetorian is pleased to announce Matt Tesauro has joined our team. Matt has been involved in the Information Technology industry for more than 10 years. Prior to joining Praetorian, Matt was a Security Consultant at Trustwave’s SpiderLabs. Matt’s focus has been in application security including testing, code reviews, design reviews and security training. His background in web application development and system administration helped bring a holistic focus to Secure SDLC efforts he’s driven.

    Matt is currently on the board of the OWASP Foundation and highly involved in many OWASP projects and committees. Matt is the project leader of the OWASP WTE (Web Testing Environment) which is the source of the OWASP LIVE CD Project and Virtual Machines pre-configured with tools and documentation for testing web applications.

    He has taught both graduate level university courses and for large financial institutions. Matt has presented and provided training a various industry events including DHS Software Assurance Workshop, AppSec EU, AppSec US, AppSec Academia, and AppSec Brazil. Matt Tesauro has a B.S. in Economics and a M.S in Management Information Systems from Texas A&M University.

  • OWASP LASCON Sponsorship

    Monday, August 30, 2010, 12:24 AM | Praetorian Newsroom

    Praetorian is proud to announce they are sponsoring the OWASP LASCON 2010 conference held October 29th in Austin, TX. LASCON 2010 is a premier gathering of Information Security leaders and web application developers in Texas. Texas has more Fortune 500 companies than any other state. Executives from these companies along with technical thought leaders, security architects and lead developers gather to share cutting-edge ideas, initiatives, and technology advancements.

  • Adam Pridgen Speaks @ Defcon 18

    Sunday, August 01, 2010, 12:24 AM | Praetorian Newsroom

    Adam Pridgen provided a joint presentation at Defcon 18. The presentation is a case study about an approach to building reverse engineering tools, but in this case, a network bridge between IDA Pro and Debuggers. The presentation will cover the development side of things, and discuss how to leverage open source projects as supplements for code and learning aids, detail useful sources for this type of development, and provide insight about how to build C++ extensions for WinDbg and IDA, as well as building Python plugins for ImmunityDebugger and VDB.

  • Ryan W. Smith Joins Praetorian

    Monday, July 12, 2010, 12:25 AM | Praetorian Newsroom

    Praetorian is excited to announce Ryan W. Smith has joined our ranks. Ryan’s current focus is on the research and development of technology and systems in support of computer network defense, attack, and exploitation.

    Prior to joining Praetorian, Ryan Smith was an Associate Staff member of the Information Systems Technology Group at MIT Lincoln Laboratory. His previous work at Lincoln Labs was in the code analysis group, in which he focused on the development of a prototype tool to automate the malware analysis process using information flow and virtual machine introspection. Prior to Lincoln Laboratory, Mr. Smith worked at 21st Century Technologies and Applied Research Labs in Austin, TX, and PricewaterhouseCoopers in Dallas, TX. Previous work has included graph-based network attack correlation, steganography, netflow traffic analysis, vulnerability and risk analysis, and identity management.

    Ryan received a M.S. in Security informatics from Johns Hopkins, where he focused on network and systems security as well as privacy and technical public policy. He also received a B.S in Electrical Engineering from The University of Texas in Austin, where he focused on information assurance and network communications.