Category: Miscellaneous

As part of the non-traditional benefits we extend to all team members, this year, PEN Consultants was pleased to add - for the first time - a mission trip. Each of our team members (and one of their family members) had the opportunity to participate at no charge to them. Click here for more information […]

PEN Consultants held its annual meet-up June 8-11, 2023, giving team members the opportunity to meet each other face-2-face, participate in team-building activities, and give back to the community by helping those who are disadvantaged and in need. Here is a summary of that event. Thursday Hill Country Daily Bread Serving at a ministry we […]

Vulnerabilities are everywhere. You can be assured your systems have them. There is a good chance the vulnerabilities in your systems may be discovered by an outside party. Do you have internal policies and procedures in place on how to deal with that when it happens? Do you have a public version of that posted? […]

PEN Consultants held its inaugural annual meet-up October 8th – 10th 2021, giving each team member (and their family) the ability to meet each other face-2-face (many for the first time), participate in team-building activities, and give back to the community. Here is a summary of that event. Friday Meeting up at the Neel’s house […]

Throughout most of 2021, we have been increasingly pursued by various business referral partners and investment firms, asking if we would be interested in merging with them or being acquired. This is our boilerplate statement, so as to not have to repeat ourselves. Thanks for reaching out! I don’t think we’re going to be interested […]

On 08 Sep 2021, we utilized Ramsey Solutions’ SmartVestor Pro service to find a firm that could help maximize our investment strategy as both a business and personally. This is a review of our experience with that service. Thank You Thank you to Dave Ramsey and his team for providing this service! We’ve used their ELP service in the […]

17 Sep 2021: Robert Neel of PEN Consultants joined Pete Martin and James Beecham on ALTR’s The Data-Planet to discuss data security challenges and best practices. Source: https://www.linkedin.com/posts/altrsoftware_the-data-planet-this-week-pete-and-james-activity-6844676380626620416-w3Dm If you are interested to know how your network services and web apps would perform against these types of attacks, but you do not have the expertise or resources to do so, contact PEN Consultants today!

An ongoing responsible (but frustrating) vulnerability disclosure with a well-known cybersecurity vendor. After reading through this, please leave your feedback at one of the following polls: The vulnerability risk scores somewhere between a 4.0 and 4.2 on a CVSS calculation (ex. https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N), so not a huge deal. We could certainly develop a working PoC (with time), […]

Here’s a look at the results from our recent effort analyzing GraphQL API endpoints across the web, and the percentage of those endpoints that allowed an unauthenticated user to view the query & data schema. The intent of this article is to address the implications of allowing this schema to be retrieved, similar technologies that […]

This article will demonstrate how to perform a mass collection of all phone records in an enterprise from many popular series of Cisco IP Phones and how to prevent it. Many of the Cisco IP Phone series have a built-in web server that allows users and admins to “view the phone statistics and modify some […]