- Home
- Your Objectives
- Services
- Work
- Resources
- Library
- Breach Readiness Assessment Questionnaire
- How to Get a Boardroom & Audit-Ready Penetration Test
- Managed Detection Response Overview
- Managed SIEM Overview
- Office 365 Security Spectrum Guide
- PCI Overview
- Penetration Testing Overview
- Risk Assessments Overview
- TRUE Company Overview
- GRC Consulting and Managed SIEM
- TRUE GRC Overview
- Best Lighting Supply Case Study
- NIST/DFARS White Paper
- Tronics Case Study
- Blog - Gone Phishin'
- Case Study - Securing Municipality's ICS
- Webinars
- DEF CON Recap with the Security Testing Services Team
- California Privacy Protection Act (CCPA): What You Need to Know
- Hardening Your Web Applications
- Social Engineering: Avoiding the Human Hack
- Penetration Testing: Lessons Learned
- There Will Be Breaches
- Office 365 Security Options and Breach Prevention
- IT vs Security: A Competition of Priorities
- Top Critical Mistakes in SIEM Deployment
- Perspectives on Cybersecurity with TRUE Founder Dr. Jerald Dawkins
- Building a Highly Effective Security Information Program
- Municipal ICS and EPA Regulations
- TPN: Trusted Partner Network
- PCI: Trends and Threats in 2020
- Speaking
- Events
- Blog
- Library
- About
- Blog
- California Consumer Privacy Act (CCPA): What You Need to Know
- 3 Reasons It's So Hard to Use Powerful Technology and Data Without Getting Hacked
- Another City Government Pays the Ransom
- Cyber Resilience and a Dam Disaster
- TRUE is like a Robo-Vacuum (We re going somewhere with this...)
- The Voova Hack: Don't Be Next
- John Connors, The Real Thing
- 10 Steps to Understanding How Cloud Migration Affects Your Business
- Get to know TRUE's Vice President of Operations, Heath Gieson
- Taking Control of Social Media Accounts
- California Consumer Privacy Act (CCPA): Are You Ready?
- Locking Down Your Accounts: How to Keep the Keys to Your Kingdom Safe
- Lose the Sticky Notes: Why a Password Manager May Save Your Life
- Privacy and Security: Personal comes before Professional
- "Facebook: Millennial Frankenstein's Monster" - A Data Privacy Editorial by Jenna Waters
- Employee Security Training: An Essential Part of Any Information Security Program
- Keeping Attackers Out of Your Cloud: MSSP Alert Response, Part II
- MSSP Alert Response: Chinese Threat Actors Attack MSPs
- The US Federal Government Shutdown's Impact on Cybersecurity
- Why Cybersecurity Is a Team Sport
- Quick and Dirty Disaster Recovery Guide - Part II
- Quick and Dirty Disaster Recovery Guide - Part I
- Wisdom from the Field: Navigating the Spectrum of SOC (Security Operations Center) Services
- Avoid Office 365 Business Email Compromise: Realistic Data Security for SMBs, Part II
- Realistic Data Security for SMBs, Part 1
- True Digital Security Continues Annual Tradition of Volunteering for Tulsa's United Way Day of Caring
- True Digital Security Achieves AWS Solution Partner Status
- Hurricane Florence: Remain Vigilant, Be Prepared, Stay Protected
- New Developments and Deadlines for PCI DSS: PCI DSS 3.2
- True Digital Security Extends Reach Via Advanced Vision Technology Group
- Part 2 - Defending Against Pass-The-Hash
- Building a Highly Effective Information Security Program
- Hurricane Season: Making Sure Your Business Is Prepared And Protected
- Why Are People Talking About the Cloud?
- Top 6 Challenges with DFARS and NIST 800-171 Compliance
- GDPR Panel Event: Are You Prepared?
- Spread The Word. Reap The Rewards.
- We Ask Because We Care
- What GDPR Means For Your Organization
- Exciting Announcement From Our New CEO, Rory Sanchez
- How Insurers Can Build an NAIC-Ready Cybersecurity Program
- What is the Best Phishing Defense? A Good Offense.
- Why SIEM Deployment Is So Difficult
- What is the Difference between EMV and PCI Compliance?
- What the Meltdown and Spectre CPU Vulnerabilities Mean to You
- True Day of Caring 2017
- True to Present at Information Warfare Summit 10 Conference
- New Employee Announcement
- September 2017 PCI Guidance for Penetration Testing and Mobile Payment Applications
- What Consumers Need to Know about Skimmers
- Defending Against Pass-The-Hash
- Former True Intern Successfully Hacks Wind Farms
- Jenna Waters Awarded Scholarship
- Why Your App Needs a Short Session Timeout and Google, Facebook and Twitter Don't
- Verizon Data Breach Investigation Report 2017 Cover Challenge
- WanaCry Ransomware Attack
- Dr. Dawkins Commencement Speech
- The PCI Penetration Test Scoping Mistake You Don't Want to Make
- What OCR Breach Data Tells Us about Healthcare Information Security
- Key Application Security Questions for IT Organizations
- This Printer Configuration Can Compromise Your Entire Windows Domain
- True Proudly Supports TU's CTF and CCDC Teams
- Day of Caring 2015
- The DEFCON 2015 Experience - The Interns' Perspective
- CSAW: Reverse Engineering for 500, Please.
- CSAW 2015 Crypto 500 - Bricks of Gold Writeup
- Mitigating Spear Phishing through Increased Awareness
- Can You Capture the Flag?
- POODLE Attack on SSL 3.0
- Logjam Vulnerability
- SSL/TLS Protocol Version Negotiation
- Merchant Readiness for the October 2015 Liability Shift
- Michael Oglesby Takes Second in 2015 Verizon DBIR Cover Challenge
- Martin McCurdy Named All Oklahoma/All USA Academic Team
- True Employees Support Tulsa Area United Way
- Innotech Prize Drawing Winner
- True Interns Shine at OCAST 2014 Oklahoma Technology Showcase
- Upcoming ISSA Oklahoma Chapter Special Event - Drillers Baseball
- Havex Trojan Emerging Threat for ICS/SCADA
- Convenience vs. Privacy
- Windows XP - End of Life
- Types of Malware Targeting Point of Sale Systems
- On Home Devices Becoming Targets for Attackers
- Notable New Security Games
- Day of Caring 2013
- On the Topic of Cyber Security Insurance
- Weathering the Storm
- Security Is a Shared Responsibility with Your Vendors
- True Participation in 2012 Salvation Army Angel Tree
- Merry Christmas from True Digital Security
- Why Everyone Should Be Using a Web Proxy
- On Key Management and Tokenization
- DefCon 20 Recap
- U.S. Navy Contracts to Build Tools for Extracting Info from Video Game Systems
- Troubleshooting Forensic Drive Imaging and "Advanced Format" (4K Cluster) Drives
- When A Credit Card Payment Processor Gets Hacked
- On Stuxnet Adaptation
- MS12-020 Proof-of-Concept in the Wild
- Remote Desktop Vulnerability (MS12-020) Is the Worst of the Worst
- Increase Windows Network Security Through Group Policy Software Installations
- Securely Sanitize Your iPhone Before Upgrading
- An Experiment in Social Engineering
- True Consultant Uncovers Oracle Vulnerabilities Addressed in January 2012 CPU
- Teens in Love Will Do Stupid Things
- Patch Your Oracle
- On Tokenization: Tokenization & Payment Channels
- On Tokenization: Implementing Tokenization
- On Tokenization: Determining if Tokenization Is the Right Solution
- "What Keeps Me Up at Night" - EMR on the Internet
- True Recognized Among Tulsa's Fast 40 Honorees
- Juniper BGP Bug Briefly Takes Down the Internet
- Don't Let Your Users Get Sucked into the Blackhole!
- 3 P's of Information Security: Perimeter
- What gets through your firewall?
- Cubicle Fruit
- I Make Mistakes
- Kids and the Internet
- Threat Sources? Hard Questions about Focusing Your Network Protection
- Security really isn't Sexy? When It's Done Correctly
- Protecting your Digital Assets: A Discussion on the Need for a Data Security and Data Loss Prevention Strategy
- Web Application Security
- Finding Your Digital Security Swing
- Dancing the One Step
- 3 P's of Information Security: Policies - A Blueprint for Success
- 3 Ps of Information Security: Perimeter, People and Policies
- Cancel or Allow?
- Don't Lose Your Identity
- E-mail Insecurity
- About the TRUE Insight Blog
- Anti-Malware Vendor Fight: Duqu vs. Stuxnet
- The Importance of an Incident Response Plan
- Interesting Insights from the Latest MSIR
- MSIR Indicates Users Are Weak Link in Computer Security
- More Insights from the MSIR
- On New PCI Point-to-Point Encryption Solution Requirements
- Ransomware Becoming More Common
- Malware Hits U.S. AFB Where UAV Missions Are Flown
- When the "R" in GRC Becomes "Risky Business"
- IT GRC, The Story - How do you do it? - Part 2
- BEAST: It's What's for Dinner
- On Centralized Logging and SIEM
- True's Executive Roundtable Event Held August 24th
- True Employees Participated in the 2011 Tulsa Area United Way Day of Caring
- IT GRC, The Story - How do you do it? - Part 1
- Getting the most value from your next penetration test
- When are merchants required to use a PA-DSS validated POS (point-of-sale) application?
- Solving the Verizon DBIR 2010 Cover Challenge
- More on outbound firewall rules
- Solving the Verizon DBIR 2011 Cover Challenge ? again
- PCI SSC Releases Tokenization Guidelines
- Picking on the Little Guy
- Internal vs. External Vulnerability Scans
- Making Security Make Sense
- IT GRC: What Comes First the Program or the Platform?
- Events Calendar
- New SDL templates for Visual Studio Team System
- Two simple outbound firewall rules
- Java App Store
- Why spyware IDS alerts are useful
- Microsoft's banned function calls
- Microsoft Attempting to Assassinate Google?
- Voice Over IP Security
- Vista SP2
- Vista SP2...it works
- Phishing on Facebook
- President Obama's Cyber Security Policy
- YAAV (Yet Another Adobe Vulnerability)
- Cybersecurity Act of 2009 - Professional Licenses?
- Adobe Acrobat products update available
- If you're going to go postal, at least be certain of your situation
- This seems like a smart idea...
- Life in the SMB lane
- Beware: the Millenials are coming!
- Feds mandate DNSSEC; Internet techies yawn
- There's fast...
- Avoid Becoming a Data Loss Victim
- Acquiring target... NOW!
- 3 P's of Information Security: People
- Free Information Security Assessment
- Protecting the Enterprise: On Appropriate Limitations of Employee Web Browsing Activities
- Security Advisory: Adobe Acrobat vulnerability
- Security Advisory: MS09-002 exploit in the wild
- The Sky is Falling...Again
- Chicken Little at The Times (London)
- Verizon RISK study: business partners h0se you the worst
- Facebook is the new King of Social Networking
- Google to the rescue
- Dangerous data
- Microsoft Opens Its Protocols
- Legitimately bad
- February Microsoft Security Advisories
- HBO to the Internet
- Terrorists Need Privacy, too
- Unintended Denial-of-Service
- Who are you, REALLY?
- Most Home Routers Vulnerable to New Attack
- Adult Web Industry Compromised
- Ugly pictures
- My Internets are faster than Your Internets!
- The Importance of Multi-Factor Authentication (MFA)
- iPodXP, or something like it
- Welcome to our new "True Insight" blog!
- What Is Phishing & How To Prevent It
- Quick and Dirty Disaster Recovery Guide: Part III
- Protecting Intellectual Property Part I: Cyber Security Makes Its Way to Hollywood
- Protecting Intellectual Property Part II: VOKSEE Leads the Way in IP Protection
- CCPA Part III: Don't Fight the Tide
- A Game of Thrones: Big Tech’s Legal Reckoning
- How To Protect Data During A Hurricane
- PCI DSS Standard 4.0
- ICS Security and America's Water Infrastructure Act
- The Fight Against Ransomware
- Scary Stories to Tell in the Dark Server Room
- Smart Office Devices Come with Security Risks
- Client Portal
- Request a Consultation
- Contact Us
- Privacy Policy
- Legal
- Gated Files - Datafeed
- Test Campaign Page
- CCPA Webinar Transcript
- Pen Testing: Lessons Learned Webinar Transcript
- Trusted Partner Network (TPN) Webinar Transcript