In today’s enterprise insider threats can be tricky to detect and can easily fly under the radar for months and even years. Oftentimes, these insiders use simple tactics to steal information from a organization. The primary reason for this is because most insider threats have been granted access to authorize sensitive data or areas of the corporate network. This access is granted in order to permit the individual to perform specific job duties or fulfill a contractual obligation. But when an individual makes the decision to use this access in ways other than envisioned – abusing privileges with malicious intent towards the organization – that individual becomes an insider threat (Lord, 2017). One of the simplest ways for an insider threat to exfil data is through 3rd party email or storage sites, but in most cases these are blocked in enterprise environments. Another way to exfil data out of an organization is by simply uploading files to a webserver. Below, is a simple method on how to exfil data over HTTPS to a WordPress back-end.