Blog A Security Framework Sized for the Business You Actually Run Apr 20, 2026 by Levi Durfee Enterprise security frameworks like NIST CSF and ISO 27001 weren't built for 10-person businesses, and the 2025 Verizon DBIR shows small businesses now face four times the breach rate of enterprises. Meet the NerdSec Framework (NSF): a practical, right-sized baseline built on CIS Controls that gives small businesses a single-page letter grade, four ransomware gates, and three levels of evidence to prove their security posture. The Attacks Hitting Big Companies Are Now Coming for You Mar 29, 2026 by Levi Durfee SentinelOne's Annual Threat Report is written for enterprise security teams. We read it so you don't have to — and pulled out what actually matters for small businesses. Fake Apple Security Alert: How a 'track(2).dll' Warning Almost Fooled Our Customer Mar 13, 2026 by Levi Durfee A phishing site impersonated Apple.com and showed a fake 'App: track(2).dll, Unsafety Detected' warning to one of our customers. Here's how training, endpoint protection, and Secure DNS stopped the scam cold. The Easiest Security Win Most Small Businesses Miss Mar 3, 2026 by Levi Durfee Most small businesses invest in antivirus and firewalls but overlook one of the simplest, most effective layers of protection: Secure DNS. Learn how it works and why it matters. Stop Firewall Mistakes Before Attackers Find Them Feb 1, 2026 by Levi Durfee Firewall misconfigurations often go unnoticed and leave networks exposed for weeks or months. Learn how continuous external scanning and smart alerts can catch risky changes early — without wasting time on manual rule reviews. Why We Chose Keeper as Our Password Manager Jan 22, 2026 by Levi Durfee A hands-on review comparing KeePass, LastPass, 1Password, Bitwarden, Vaultwarden, and Keeper, with a focus on security, usability, and real-world experience. How We Removed Malware from a Hacked WordPress Site in 30 Minutes Jan 20, 2026 by Levi Durfee A real-world case study of a hacked WordPress website redirecting visitors to malicious sites—and how we identified the breach, removed malware, and secured the site. Why One-Size-Fits-All Cybersecurity Fails Small Businesses Jan 16, 2026 by Levi Durfee No two businesses are the same, yet most cybersecurity solutions are built as if they are. Small businesses often end up paying for tools they do not need, while real risks go unaddressed. NerdSec takes a different approach by using real data and automation to recommend only what actually improves your security posture Welcome to NerdSec. Jan 13, 2026 by Levi Durfee Hello, and welcome to NerdSec. We're glad you're here. Here is a brief introduction to our history, what we've seen, and our mission.
