{"@context":"https://schema.org","@type":"WebSite","url":"https://orasec.co","mainEntity":[{"@type":"WebPage","url":"https://orasec.co","name":"Home"},{"@type":"WebPage","url":"https://orasec.co/about","name":"About Us"},{"@type":"WebPage","url":"https://orasec.co/contact","name":"Contact Us"},{"@type":"WebPage","url":"https://orasec.co/products","name":"Products"},{"@type":"WebPage","url":"https://orasec.co/pentia","name":"Pentia - PTaaS Platform"},{"@type":"WebPage","url":"https://orasec.co/signal","name":"Signal - Darknet Intelligence"},{"@type":"WebPage","url":"https://orasec.co/resources","name":"Resources"},{"@type":"WebPage","url":"https://orasec.co/faq","name":"FAQ"},{"@type":"WebPage","url":"https://orasec.co/testimonials","name":"Testimonials"},{"@type":"WebPage","url":"https://orasec.co/careers","name":"Careers"},{"@type":"WebPage","url":"https://orasec.co/services","name":"Security Services","description":"Comprehensive penetration testing and offensive security services"},{"@type":"Service","url":"https://orasec.co/services/external-penetration-testing","name":"External Penetration Testing","description":"Simulate real-world attacks on internet-facing infrastructure. Manual pentests find vulnerabilities scanners miss before attackers exploit them."},{"@type":"Service","url":"https://orasec.co/services/internal-penetration-testing","name":"Internal Penetration Testing","description":"Test internal defenses with assumed-breach scenarios. Find lateral movement paths, privilege escalation risks, and Active Directory weaknesses."},{"@type":"Service","url":"https://orasec.co/services/web-application-security-testing","name":"Web Application Security Testing","description":"Comprehensive web app penetration testing covering OWASP Top 10 and beyond. Find business logic flaws and auth bypasses automated tools miss."},{"@type":"Service","url":"https://orasec.co/services/mobile-application-security-testing","name":"Mobile Application Security Testing","description":"iOS and Android app security testing covering client-side flaws, API security, and data storage risks. Protect your mobile users."},{"@type":"Service","url":"https://orasec.co/services/api-security-testing","name":"API Security Testing","description":"Manual API pen testing by certified testers. We find BOLA, BFLA, and logic flaws automated tools miss — covering OWASP API Top 10 across REST, GraphQL, and gRPC."},{"@type":"Service","url":"https://orasec.co/services/network-infrastructure-penetration-testing","name":"Network Infrastructure Penetration Testing","description":"Internal and external network penetration testing by certified testers. We uncover misconfigurations, lateral movement paths, and segmentation failures across routers, firewalls, and servers — before attackers do. OraSec."},{"@type":"Service","url":"https://orasec.co/services/red-teaming","name":"Red Teaming","description":"Adversary simulation and red teaming services by certified experts. We test whether your people, processes, and technology can detect and contain a determined attacker — from phishing to full network compromise. OraSec."},{"@type":"Service","url":"https://orasec.co/services/threat-hunting","name":"Threat Hunting","description":"Proactive threat hunting with expert analysts and advanced telemetry analysis. Find threats your tools missed and reduce attacker dwell time."},{"@type":"Service","url":"https://orasec.co/services/cloud-security-assessment","name":"Cloud Security Assessment","description":"AWS, Azure, and GCP security assessments covering IAM, network configuration, and data protection. Secure your cloud infrastructure."},{"@type":"Service","url":"https://orasec.co/services/active-directory-penetration-testing","name":"Active Directory Penetration Testing","description":"Active Directory penetration testing finds domain and identity weaknesses, Kerberos attack paths, delegation abuse, and trust risks."},{"@type":"Service","url":"https://orasec.co/services/ai-llm-security-testing","name":"AI / LLM Security Testing","description":"AI and LLM security testing finds prompt injection risks, model manipulation paths, unsafe plugin integrations, and AI app vulnerabilities."},{"@type":"Service","url":"https://orasec.co/services/blockchain-penetration-testing","name":"Blockchain Penetration Testing","description":"Blockchain penetration testing for smart contracts, dApps, and infrastructure — find on-chain and off-chain attack paths before attackers do."},{"@type":"Service","url":"https://orasec.co/services/healthcare-penetration-testing","name":"Healthcare Penetration Testing","description":"Healthcare penetration testing finds vulnerabilities exposing patient data, disrupting clinical operations, and compromising medical systems."},{"@type":"Service","url":"https://orasec.co/services/iot-penetration-testing","name":"IoT Penetration Testing","description":"IoT penetration testing finds vulnerabilities in connected devices, embedded systems, and IoT networks. Certified testers, real-world attacks."},{"@type":"Service","url":"https://orasec.co/services/ot-scada-penetration-testing","name":"OT / SCADA Penetration Testing","description":"OT and SCADA penetration testing identifies vulnerabilities in operational technology and industrial control systems protecting critical infrastructure."},{"@type":"Service","url":"https://orasec.co/services/pci-dss-penetration-testing","name":"PCI DSS Penetration Testing","description":"PCI DSS penetration testing identifies vulnerabilities in cardholder data environments and payment infrastructure required for PCI compliance."},{"@type":"Service","url":"https://orasec.co/services/physical-penetration-testing","name":"Physical Penetration Testing","description":"Physical penetration testing identifies vulnerabilities in facilities, access controls, and premises security through real-world intrusion simulation."},{"@type":"Service","url":"https://orasec.co/services/ransomware-readiness-assessment","name":"Ransomware Readiness Assessment","description":"Ransomware readiness assessment finds the security gaps, detection failures, and response weaknesses ransomware operators exploit to extort you."},{"@type":"Service","url":"https://orasec.co/services/saas-penetration-testing","name":"SaaS Penetration Testing","description":"SaaS penetration testing finds vulnerabilities exposing customer data, breaking multi-tenant isolation, and compromising cloud-hosted platforms."},{"@type":"Service","url":"https://orasec.co/services/social-engineering-phishing-simulation","name":"Social Engineering & Phishing Simulation","description":"Social engineering and phishing simulation identifies human vulnerabilities, process weaknesses, and security awareness gaps attackers exploit."},{"@type":"Service","url":"https://orasec.co/services/vulnerability-assessment-penetration-testing","name":"Vulnerability Assessment and Penetration Testing (VAPT)","description":"VAPT services identify and validate security weaknesses across networks, applications, cloud, and infrastructure with real-world attack simulation."},{"@type":"WebPage","url":"https://orasec.co/threat-intelligence","name":"Threat Intelligence"},{"@type":"BlogPosting","url":"https://orasec.co/blog/best-supply-chain-security-companies-2025-tools","name":"Top 10 Best Supply Chain Intelligence Security Companies in 2026","datePublished":"2026-06-09T13:19:00.000+00:00","dateModified":"2026-06-09T13:21:35.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/best-ways-to-speed-up-alert-triage-for-soc-team","name":"10 Best Ways to Speed Up Alert Triage for SOC Teams | SOC Efficiency Guide","datePublished":"2026-06-09T11:34:00.000+00:00","dateModified":"2026-06-09T13:35:41.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/penetration-testing-vs-vulnerability-assessment","name":"Penetration Testing vs Vulnerability Assessment: Key Differences Guide","datePublished":"2026-06-08T23:14:00.000+00:00","dateModified":"2026-06-09T12:47:41.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/red-team-vs-blue-team-vs-purple-team","name":"Red Team vs Blue Team vs Purple Team: Key Differences, Tools & Use Cases","datePublished":"2026-06-08T00:04:00.000+00:00","dateModified":"2026-06-09T13:29:31.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/best-deception-tools","name":"Best Deception Tools: Features, Benefits, and Best Practices","datePublished":"2026-06-07T11:53:00.000+00:00","dateModified":"2026-06-09T13:44:08.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/bastion-host-guide-types-use-cases-security","name":"What Is a Bastion Host? Types, Use Cases, and Safety Measures","datePublished":"2026-06-05T14:13:00.000+00:00","dateModified":"2026-06-09T12:37:27.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/best-anti-phishing-tools","name":"Best Anti Phishing Tools in 2026 | Email, Browser & Business Protection Guide","datePublished":"2026-06-04T09:51:00.000+00:00","dateModified":"2026-06-09T12:26:47.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/best-static-code-analysis-tools","name":"Best Static Code Analysis Tools: Strengthen Your Software Security","datePublished":"2026-06-03T15:32:00.000+00:00","dateModified":"2026-06-09T12:07:38.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/reasons-why-cybersecurity-is-essential","name":"10 Powerful Reasons Why Cybersecurity Is Essential in Today’s Digital World","datePublished":"2026-06-02T16:25:00.000+00:00","dateModified":"2026-06-09T11:57:21.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/web-application-security-issues-and-their-solutions","name":"Top 10 Web Application Security Issues and Their Solutions","datePublished":"2026-06-01T10:28:00.000+00:00","dateModified":"2026-06-09T11:39:53.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/application-security-vs-devsecops","name":"Application Security vs DevSecOps: Differences, Pros, Cons","datePublished":"2026-05-22T11:12:26.000+00:00","dateModified":"2026-05-22T11:12:26.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/dast-vs-penetration-testing","name":"DAST vs Penetration Testing: 10 Key Differences You Should Know","datePublished":"2026-05-21T11:04:33.000+00:00","dateModified":"2026-05-21T11:04:33.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/phishing-vs-spear-phishing-vs-whaling","name":"Phishing vs Spear Phishing vs Whaling: 10 Key Differences","datePublished":"2026-05-20T10:42:00.000+00:00","dateModified":"2026-05-21T10:50:55.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/google-cloud-security-risks","name":"Top 10 Google Cloud Security Risks Every Business Should Know","datePublished":"2026-05-18T10:10:00.000+00:00","dateModified":"2026-05-21T10:10:48.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/what-is-cloud-threat-hunting","name":"What Is Cloud Threat Hunting? Process, Tools, Benefits & Best Practices","datePublished":"2026-05-15T08:37:09.000+00:00","dateModified":"2026-05-15T08:37:09.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/steps-to-improve-cloud-security-vulnerability-remediation","name":"10 Steps to Improve Cloud Security Vulnerability Remediation","datePublished":"2026-05-14T09:39:00.000+00:00","dateModified":"2026-05-15T10:42:34.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/what-is-penetration-testing","name":"What Is Penetration Testing? Importance, Benefits & Cybersecurity Guide","datePublished":"2026-05-13T16:36:00.000+00:00","dateModified":"2026-05-15T11:38:21.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/what-is-cuec-in-soc-report","name":"What is CUEC in SOC Report? Meaning, Importance, Examples & Best Practices","datePublished":"2026-05-13T10:00:00.000+00:00","dateModified":"2026-05-15T10:42:06.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/benefits-of-network-security","name":"Top 10 Benefits of Network Security for Businesses","datePublished":"2026-05-12T10:17:00.000+00:00","dateModified":"2026-05-15T10:41:34.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/free-malware-analysis-tools","name":"Best Free Malware Analysis Tools","datePublished":"2026-05-11T17:32:00.000+00:00","dateModified":"2026-05-15T10:53:10.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/honeypot-vs-honeynet-in-cybersecurity","name":"Honeypot vs Honeynet in Cybersecurity: Uses, Pros, Cons","datePublished":"2026-05-11T10:39:00.000+00:00","dateModified":"2026-05-15T10:40:25.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/the-future-of-red-teaming","name":"The Future of Red Teaming: How Automation Is Revolutionizing Cybersecurity","datePublished":"2026-05-08T19:55:00.000+00:00","dateModified":"2026-05-09T06:47:15.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/vulnerability-management-vs-risk-management","name":"Vulnerability Management vs Risk Management: Definition, Lifecycle, Differences","datePublished":"2026-05-08T08:45:53.000+00:00","dateModified":"2026-05-08T08:45:53.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/what-is-api-hacking-prevention","name":"What is API Hacking and How to Prevent It?","datePublished":"2026-05-07T20:29:00.000+00:00","dateModified":"2026-05-09T06:36:34.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/how-to-stop-bad-rabbit-ransomware","name":"How to Stop Bad Rabbit Ransomware: Prevention, Removal, and Recovery","datePublished":"2026-05-07T17:25:16.000+00:00","dateModified":"2026-05-07T17:25:16.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/how-to-prevent-back-door-attacks","name":"How To Prevent Back Door Attacks in 10 Easy Steps?","datePublished":"2026-05-06T11:10:39.000+00:00","dateModified":"2026-05-06T11:10:39.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/ai-powered-investment-scams","name":"AI-Powered Investment Scams: How They Work, Risks, Types & Protection Guide","datePublished":"2026-05-05T14:30:00.000+00:00","dateModified":"2026-05-09T05:18:23.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/what-is-digital-risk-protection-strategy","name":"What is Digital Risk Protection Strategy: Types, Components, How to Build","datePublished":"2026-05-05T07:31:18.000+00:00","dateModified":"2026-05-06T11:28:22.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/vulnerability-remediation-vs-mitigation-key-differences","name":"Vulnerability Remediation vs Mitigation: 10 Key Differences","datePublished":"2026-05-05T07:03:32.000+00:00","dateModified":"2026-05-05T11:03:35.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/choose-the-right-penetration-testing-provider","name":"How to Choose the Right Penetration Testing Provider: Critical Questions to Ask!","datePublished":"2026-05-04T16:50:00.000+00:00","dateModified":"2026-05-15T10:51:32.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/ptaas-vs-traditional-pentesting","name":"PTaaS vs Traditional Pentesting: Key Differences, Benefits & Best Choice","datePublished":"2026-05-04T08:15:00.000+00:00","dateModified":"2026-05-09T04:58:16.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/what-is-session-hijacking-types-risks-and-prevention","name":"What Is Session Hijacking: Types, Risks & Prevention","datePublished":"2026-05-03T08:43:00.000+00:00","dateModified":"2026-05-15T10:52:26.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/the-challenge-of-real-time-cyber-protection","name":"Top 10 Cybersecurity Threats to Businesses","datePublished":"2026-05-01T17:01:00.000+00:00","dateModified":"2026-05-15T10:47:45.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/breach-attack-simulation-vs-red-teaming","name":"Breach Attack Simulation vs Red Teaming: Differences, Uses, Pros, and Cons","datePublished":"2026-05-01T11:39:28.000+00:00","dateModified":"2026-05-01T11:39:28.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/importance-of-security-risk-management-for-growing-tech-companies","name":"Importance of Security Risk Management For Growing Tech Companies","datePublished":"2026-04-30T17:11:27.000+00:00","dateModified":"2026-04-30T17:11:27.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/top-benefits-of-idr-automation","name":"Top 10 Benefits of IDR Automation for Incident Response","datePublished":"2026-04-29T12:17:22.000+00:00","dateModified":"2026-04-29T12:17:22.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/what-are-software-vulnerabilities","name":"What Are Software Vulnerabilities? Causes, Types, Challenges","datePublished":"2026-04-28T04:36:28.000+00:00","dateModified":"2026-04-28T04:36:28.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/hybrid-attack-in-cyber-security","name":"Hybrid Attack in Cyber Security | How it Works, Types, Prevention","datePublished":"2026-04-27T04:59:00.000+00:00","dateModified":"2026-04-28T04:59:34.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/best-security-incident-response-tools","name":"Best Security Incident Response Tools","datePublished":"2026-04-25T05:00:00.000+00:00","dateModified":"2026-04-28T19:16:11.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/application-control-101","name":"Application Control 101: Definition, Features, Benefits, and Best Practices","datePublished":"2026-04-21T10:59:00.000+00:00","dateModified":"2026-04-21T11:44:21.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/0-day-clickjacking-vulnerabilities-password-managers","name":"0-Day Clickjacking Vulnerabilities Found in Major Password Managers","datePublished":"2026-04-20T11:46:00.000+00:00","dateModified":"2026-04-21T11:02:51.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/cloud-penetration-testing-rules-limitations-best-practices-guidelines","name":"Cloud Penetration Testing Rules, Limitations, Best Practices & Guidelines","datePublished":"2026-04-10T00:17:46.000+00:00","dateModified":"2026-04-10T00:17:46.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/server-side-request-forgery-ssrf-explained","name":"Server-Side Request Forgery (SSRF) Explained: Risks, Examples & Prevention","datePublished":"2026-04-08T23:48:44.000+00:00","dateModified":"2026-04-08T23:48:44.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/how-to-prepare-your-organization-for-a-pentest-step-by-step-guide","name":"How to Prepare Your Organization for a Pentest: Step-by-Step Guide","datePublished":"2026-04-07T23:38:04.000+00:00","dateModified":"2026-04-07T23:38:04.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/why-mfa-alone-doesnt-stop-account-takeovers","name":"Why MFA Alone Doesn’t Stop Account Takeovers","datePublished":"2025-12-31T06:15:53.000+00:00","dateModified":"2025-12-31T06:15:53.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/why-attackers-love-non-production-environments","name":"Why Attackers Love Non-Production Environments","datePublished":"2025-12-31T05:57:01.000+00:00","dateModified":"2025-12-31T05:57:01.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/what-happens-after-a-penetration-test-ends","name":"What Happens After a Penetration Test Ends?","datePublished":"2025-12-31T05:35:55.000+00:00","dateModified":"2025-12-31T05:35:55.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/how-to-integrate-ai-into-modern-soc-workflows","name":"How to Integrate AI into Modern SOC Workflows","datePublished":"2025-12-30T10:24:40.000+00:00","dateModified":"2025-12-30T11:03:44.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/why-internal-systems-are-the-first-target-after-initial-access","name":"Why Internal Systems Are the First Target After Initial Access","datePublished":"2025-12-30T08:37:51.000+00:00","dateModified":"2025-12-30T11:08:07.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/why-dark-web-monitoring-alone-is-not-enough","name":"Why Dark Web Monitoring Alone Is Not Enough","datePublished":"2025-12-30T06:42:55.000+00:00","dateModified":"2025-12-30T11:13:40.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/how-attackers-sell-initial-access-on-the-dark-web","name":"How Attackers Sell Initial Access on the Dark Web","datePublished":"2025-12-30T06:33:13.000+00:00","dateModified":"2025-12-30T11:15:15.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/firebase-security-mistakes-that-leak-user-data","name":"Firebase Security Mistakes That Leak User Data","datePublished":"2025-12-30T06:03:09.000+00:00","dateModified":"2025-12-30T11:16:55.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/stolen-github-token-led-to-internal-system-compromise","name":"Stolen GitHub Token Led to Internal System Compromise","datePublished":"2025-12-30T05:47:25.000+00:00","dateModified":"2025-12-30T11:18:14.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/one-misconfigured-api-gateway-away-from-full-account-takeover","name":"One Misconfigured API Gateway Away From Full Account Takeover","datePublished":"2025-12-30T05:37:36.000+00:00","dateModified":"2025-12-30T11:19:26.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/certificate-based-authentication-cba-a-simple-guide-for-modern-security","name":"Certificate-Based Authentication (CBA): A Simple Guide for Modern Security","datePublished":"2025-12-29T12:07:17.000+00:00","dateModified":"2025-12-30T11:20:42.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/mongodb-security-common-risks-and-how-companies-get-breached","name":"MongoDB Security: Common Risks and How Companies Get Breached","datePublished":"2025-12-29T11:46:41.000+00:00","dateModified":"2025-12-30T11:22:40.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/shadow-asset-unsecured-test-server-left-sensitive-customer-data-exposed","name":"Shadow Asset: Unsecured Test Server Left Sensitive Customer Data Exposed","datePublished":"2025-12-26T09:05:51.000+00:00","dateModified":"2025-12-30T11:25:22.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/stolen-admin-credentials-found-on-the-dark-web-before-attackers-could-strike","name":"Stolen Admin Credentials Found on the Dark Web Before Attackers Could Strike","datePublished":"2025-12-26T08:59:03.000+00:00","dateModified":"2025-12-29T09:11:00.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/how-a-cloud-misconfiguration-nearly-led-to-a-5m-gdpr-fine","name":"How a Cloud Misconfiguration Nearly Led to a $5M GDPR Fine","datePublished":"2025-12-26T08:53:22.000+00:00","dateModified":"2025-12-29T11:00:41.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/one-idor-away-from-exposing-2-7-million-customer-records","name":"One IDOR Away From Exposing 2.7 Million Customer Records","datePublished":"2025-12-26T07:56:00.000+00:00","dateModified":"2025-12-29T10:15:09.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/from-initial-foothold-to-domain-admin-a-complete-active-directory-takeover","name":"From Initial Foothold to Domain Admin: A Complete Active Directory Takeover","datePublished":"2025-12-26T07:13:40.000+00:00","dateModified":"2025-12-30T11:30:44.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/data-breaches-may-2025","name":"Data Breaches in May 2025: What You Need to Know","datePublished":"2025-10-23T14:31:05.000+00:00","dateModified":"2025-12-26T07:05:32.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/gemini-cli-for-kali-linux-penetration-testing-automation","name":"Gemini CLI for Kali Linux Penetration Testing Automation: The AI Force Multiplier","datePublished":"2025-10-08T11:49:10.000+00:00","dateModified":"2025-12-26T07:24:02.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/cross-site-request-forgery-security-guide","name":"What is Cross-Site Request Forgery?","datePublished":"2025-09-23T17:49:24.000+00:00","dateModified":"2025-12-26T07:29:35.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/http-status-codes-tip-off-hacker-security","name":"How Can HTTP Status Codes Tip Off a Hacker?","datePublished":"2025-09-18T08:20:23.000+00:00","dateModified":"2025-12-25T14:28:58.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/dmarc-guide","name":"Domain-Based Message Authentication Reporting & Conformance (DMARC): Your Ultimate Email Security Shield","datePublished":"2025-09-17T07:34:40.000+00:00","dateModified":"2025-12-25T14:29:01.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/malware-persistence-mechanisms-hackers-guide","name":"Top 6 Malware Persistence Mechanisms Used by Hackers: A Detailed Guide","datePublished":"2025-09-16T13:06:41.000+00:00","dateModified":"2025-12-25T14:29:05.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/host-based-intrusion-detection-system-hids-guide","name":"What is Host-based Intrusion Detection System?","datePublished":"2025-09-08T11:03:50.000+00:00","dateModified":"2025-09-08T11:03:50.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/ghidra-11-3-released-nsa-reverse-engineering-tool","name":"Ghidra 11.3 Released—NSA's Powerful Reverse Engineering Tool","datePublished":"2025-09-04T12:24:01.000+00:00","dateModified":"2025-12-25T14:29:12.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/ssh-keys-enterprise-security-blind-spot","name":"SSH Keys Are Crucial for Secure Remote Access but Often Remain a Blind Spot in Enterprise Security","datePublished":"2025-09-03T11:26:48.000+00:00","dateModified":"2025-12-25T14:29:16.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/prompt-injection-attacks-bypassing-ai-agents-security-guide","name":"How Prompt Injection Attacks Bypassing AI Agents With Users Input","datePublished":"2025-09-02T07:08:08.000+00:00","dateModified":"2025-12-25T14:29:18.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/saas-security-admin-guide-2025","name":"The Ultimate SaaS Security Admin Guide – 2025","datePublished":"2025-08-29T10:58:02.000+00:00","dateModified":"2025-12-25T14:29:22.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/mcp-server-ai-cyber-defense-guide","name":"What is MCP Server—How it is Powering AI-Driven Cyber Defense","datePublished":"2025-08-28T12:04:49.000+00:00","dateModified":"2025-12-25T14:29:32.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/best-zero-trust-security-vendors-2025","name":"10 Best Zero Trust Security Vendors—2025","datePublished":"2025-08-27T11:12:02.000+00:00","dateModified":"2025-12-25T14:29:43.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/microsoft-remote-desktop-protocol-exploitation-campaign","name":"Microsoft Remote Desktop Protocol Under Siege: 30,000+ IP Addresses Target Critical Services","datePublished":"2025-08-27T07:54:45.000+00:00","dateModified":"2025-12-25T14:29:51.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/vulnerability-management-tools-paid-open-source","name":"Top Paid and Open-Source Vulnerability Management Tools","datePublished":"2025-08-25T15:54:59.000+00:00","dateModified":"2026-04-28T13:02:03.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/vulnerability-prioritization-beat-patching-paralysis","name":"Vulnerability Prioritization: How to Beat Patching Paralysis","datePublished":"2025-08-20T13:57:40.000+00:00","dateModified":"2025-12-25T14:30:00.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/hexstrike-ai-security-tools-integration-chatgpt-claude","name":"HexStrike AI Connects ChatGPT, Claude, Copilot with 150+ Security Tools","datePublished":"2025-08-20T10:11:35.000+00:00","dateModified":"2025-12-30T05:24:42.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/clear-dns-cache-guide","name":"How to Clear DNS Cache on Windows, macOS, Linux & Browsers: Complete Step-by-Step Guide","datePublished":"2025-08-19T12:15:26.000+00:00","dateModified":"2025-12-25T14:30:03.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/out-of-bounds-read-and-write-vulnerability-guide","name":"What Is Out-of-Bounds Read and Write Vulnerability?","datePublished":"2025-08-19T07:08:52.000+00:00","dateModified":"2025-12-25T14:30:05.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/vpn-security-guidelines-nsa-cisa-tips","name":"VPN Security Guidelines: How NSA and CISA's Latest Recommendations Protect Your Network","datePublished":"2025-08-18T09:09:58.000+00:00","dateModified":"2025-12-25T14:30:07.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/windows-11-cumulative-updates-august-2025-kb5063878-kb5063875","name":"Microsoft Releases Windows 11 Cumulative Updates (KB5063878, KB5063875) August 2025 with New Features","datePublished":"2025-08-13T12:02:58.000+00:00","dateModified":"2025-12-25T14:30:09.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/mdm-app-mobile-device-management-security","name":"What Is an MDM App, and How Can You Use It to Secure Your Devices?","datePublished":"2025-08-11T18:40:03.000+00:00","dateModified":"2025-12-25T14:30:10.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/byod-bring-your-own-device-security-policy","name":"What Is BYOD? Bring Your Own Device Security Policy. Complete Guide for Modern Workplaces","datePublished":"2025-08-11T11:51:04.000+00:00","dateModified":"2025-12-25T14:30:11.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/user-access-review-software-2025-best-tools","name":"10 Best User Access Review Software in 2025: Complete Guide to Secure Access Management","datePublished":"2025-08-07T20:54:16.000+00:00","dateModified":"2025-12-25T14:30:19.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/community-health-center-data-breach-1-million-patients","name":"Community Health Center Data Breach Exposes 1 Million Patients' Information","datePublished":"2025-08-06T13:44:05.000+00:00","dateModified":"2025-12-25T14:30:21.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/cisco-hacked-attackers-stole-user-profiles","name":"Cisco Hacked – Attackers Stole Profile Details of Users Registered on Cisco.com","datePublished":"2025-08-05T19:25:11.000+00:00","dateModified":"2025-12-25T14:30:23.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/macos-sploitlight-vulnerability-tcc-bypass","name":"Critical macOS 'Sploitlight' Vulnerability Lets Attackers Steal Private Data Bypassing TCC","datePublished":"2025-08-01T10:41:35.000+00:00","dateModified":"2025-12-25T14:30:28.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/phishing-as-a-service-phaas-protection-guide","name":"What Is Phishing-as-a-Service (PhaaS) and How to Protect Against It","datePublished":"2025-07-24T14:56:20.000+00:00","dateModified":"2026-05-15T10:49:39.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/microsoft-sharepoint-0-day-rce-cisa-alert","name":"CISA Issues Alert on Microsoft SharePoint 0-Day RCE Exploited in Attacks","datePublished":"2025-07-21T12:09:38.000+00:00","dateModified":"2025-12-25T14:30:33.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/microsoft-sql-server-0-day-vulnerability-cve-2025-49719","name":"Microsoft SQL Server 0-Day Vulnerability: Critical Information Disclosure Flaw Threatens Network Security","datePublished":"2025-07-15T19:18:48.000+00:00","dateModified":"2025-12-25T14:30:35.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/tiktok-breach-user-credentials-exposed","name":"TikTok Breach Exposes Critical Security Vulnerabilities: What 900,000+ Users Need to Know","datePublished":"2025-07-11T18:26:31.000+00:00","dateModified":"2025-12-25T14:30:36.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/digital-lock-upgrade-password-security","name":"Digital Lock Needs an Upgrade: Is Your Password a Welcome Mat for Hackers?","datePublished":"2025-07-03T20:50:26.000+00:00","dateModified":"2025-12-25T14:30:50.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/chrome-security-update-critical-patch-vulnerabilities","name":"Chrome Security Update: Critical Patch Addresses 16 Vulnerabilities, Including Zero-Day Threats","datePublished":"2025-06-27T14:40:15.000+00:00","dateModified":"2025-12-25T14:30:58.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/notepad-vulnerability-system-control-cve-2025-49144","name":"Notepad++ Vulnerability Let Attacker Gain Complete System Control—PoC Released","datePublished":"2025-06-26T08:24:31.000+00:00","dateModified":"2025-12-25T14:31:05.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/saas-data-protection-foundation-modern-business","name":"Cover Your SaaS: Why SaaS Data Protection is the Foundation of Modern Business","datePublished":"2025-06-24T10:56:19.000+00:00","dateModified":"2025-06-24T10:56:19.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/password-leak-16-billion-credentials","name":"World's Largest Password Leak Exposes 16 Billion Credentials: What You Need to Know","datePublished":"2025-06-20T11:45:50.000+00:00","dateModified":"2025-12-25T14:31:21.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/enterprise-mobility-management-core-components","name":"Enterprise Mobility Management: Essential Components for Modern Business Security","datePublished":"2025-06-11T13:59:52.000+00:00","dateModified":"2025-12-25T14:31:29.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/online-gambling-secure-payment-infrastructure","name":"Why Online Gambling Needs Specialised, Secure Payment Infrastructure","datePublished":"2025-06-02T09:01:13.000+00:00","dateModified":"2025-12-25T14:31:42.000+00:00"},{"@type":"BlogPosting","url":"https://orasec.co/blog/brushing-scams-online-shopping-threats","name":"Beware of Brushing Scams: A Hidden Threat to Shoppers","datePublished":"2025-05-30T06:17:26.000+00:00","dateModified":"2025-12-25T14:31:46.000+00:00"},{"@type":"Article","url":"https://orasec.co/case-studies/from-initial-foothold-to-domain-admin-a-complete-active-directory-takeover","name":"From Initial Foothold to Domain Admin: A Complete Active Directory Takeover","datePublished":"2025-12-26T07:13:40.000+00:00"},{"@type":"Article","url":"https://orasec.co/case-studies/one-idor-away-from-exposing-2-7-million-customer-records","name":"One IDOR Away From Exposing 2.7 Million Customer Records","datePublished":"2025-12-26T07:56:00.000+00:00"},{"@type":"Article","url":"https://orasec.co/case-studies/how-a-cloud-misconfiguration-nearly-led-to-a-5m-gdpr-fine","name":"How a Cloud Misconfiguration Nearly Led to a $5M GDPR Fine","datePublished":"2025-12-26T08:53:22.000+00:00"},{"@type":"Article","url":"https://orasec.co/case-studies/stolen-admin-credentials-found-on-the-dark-web-before-attackers-could-strike","name":"Stolen Admin Credentials Found on the Dark Web Before Attackers Could Strike","datePublished":"2025-12-26T08:59:03.000+00:00"},{"@type":"Article","url":"https://orasec.co/case-studies/shadow-asset-unsecured-test-server-left-sensitive-customer-data-exposed","name":"Shadow Asset: Unsecured Test Server Left Sensitive Customer Data Exposed","datePublished":"2025-12-26T09:05:51.000+00:00"}],"sitemapIndex":{"@type":"SitemapIndex","sitemaps":["https://orasec.co/sitemap-pages.xml","https://orasec.co/sitemap-services.xml","https://orasec.co/sitemap-blog.xml","https://orasec.co/sitemap-case-studies.xml"]}}