Security and people

Feeling the difference between human error and secure behavior

What does emotions and empathy have to do with digital security? Can job satisfaction increase password quality? See the talk on what scientific research on these matters.

Read full post

How to find email headers in Outlook

Have you ever received an email and wondered if it could be dangerous, or maybe worth warning your colleagues about? It is definitely a good idea to report the suspicious email to IT, but the usefulness of your reporting increases if you are able to include the email headers.

Read full post

Detection evasion through abused redirect

Does your website allow the forwarding of end-users to URLs provided as a user-provided URL parameter? If so, it may potentially be abused in phishing campaigns, along with your web domain reputation.

Read full post

SPF shortcomings with Return-Path in spoofed emails

Email was never designed to be safe, but protocol additions like SPF have improved our ability to detect spoofed senders. We have discovered a trend in forging the Return-Path header, which SPF does not deal with on its own.

Read full post

Phishing with Azure AD B2B Collaboration

The email has invites@microsoft.com as sender, and every technical investigation (both SPF, DKIM and DMARC) shows that the email itself has indeed been sent from Microsoft.

Read full post

Secure software with OWASP ASVS

Are you working on security requirements in software development, test or procurement? There is no need to re-invent the wheel. See the talk on how OWASP Application Security Verification Standard (ASVS) can help.

Read full post

Experiences with simulated phishing

Are you assessing whether simulated phishing may be a good thing to do in your company? See this video for useful steps and input to prepare and launch your own internal phishing campaign.

Read full post

Onboarding info for new MailRisk users

When the MailRisk button suddenly appears in the Outlook app for your colleagues, it is important to tell them what this shiny new button is all about. Here is a suggested way to go forward.

Read full post

MailRisk wins best new security product award

It was a great pleasure for us to receive the Outstanding Security Performance Award (OSPA) at the Norwegian Business and Industry Security Council (NSR) security conference.

Read full post

Human security sensors ebook cover

Want to get started?

We have written a guide for you to get started with human-centered security. Access our free resource now, and learn:

  • How to nurture drivers for employee engagement
  • How to avoid common obstacles for reporting
  • Practical examples and steps to get started

Download free PDF →