We asked our Red Team Practice Director Trevin Edgeworth what long-standing unpatched #vulnerabilities can indicate to a Red Teamer. He uses the examples of two vulnerabilities that have gone unpatched for several years: an RCE flaw in Microsoft Office used to deliver spyware and a vulnerability in the popular #GWT framework discovered by Ben Lincoln. https://bfx.social/3RK49YE
Take a look into what sets the Bishop Fox approach to tabletop exercises in #RedTeaming apart. Senior Red Team Consultant @alethe shares how our team focuses on these highly beneficial exercises as building blocks for stronger #security programs versus mandatory compliance tasks. https://bfx.social/3H7Ech2
As we wrap up 2023, let's take a look back at the different topics we covered in our technical #blog this year.
Our #VulnerabilityResearch series expanded with some new writeups and coordinated disclosure advisories. We also provided practical advice and tooling to aid security researchers in effective #CodeReview using #Semgrep. There’s more in store on this topic: stay tuned for the latest updates.
Use the new #opensource tool Swagger Jacker to audit OpenAPI definition files, allowing you to identify potential vulnerabilities or misconfigurations in API routes defined within the definition document. Learn how it works, how it can make auditing API endpoints less tedious, and more in this tutorial from Tony West.
Increasingly challenging times in #security demand a new approach.
Purple Teaming, a symbiotic merger of Red Team offense with Blue Team defense, has emerged as a promising #offensivesecurity solution. Discover how this technique can help you achieve multiple goals for your organization – and don’t forget to stream our #BFLive recording if you missed the original broadcast!
How do you get organizational buy-in to stop viewing #cybersecurity as a cost and start seeing it as an investment? Join Ryan Basden to learn how the adoption of Purple Teaming initiatives can help demonstrate ROI and secure revenue.
You can find several members of the Bishop Fox team at the @healthisac Americas Summit later this month (which we are a proud sponsor of this year). Meet with us to talk about our top-of-the-line #offensivesecurity solutions and grab some Western-themed swag.
Get more info on what we have going on at #HealthISAC when you visit our site.
How do #healthcare organizations with mature security programs tackle the challenges of #offensivesecurity in today’s dynamic digital landscape? This blueprint we compiled with data from the #PonemonInstitute sheds light on #security practices in this industry where safeguarding sensitive data is of utmost importance.
Don't miss out on this authoritative resource that will equip you with the knowledge and strategies to protect your organization.
#OffensiveSecurity is evolving to keep up with the changing landscape. Learn more about what the future for #offsec might look like as well as its origins in this first-ever @securityweek column by our own @agent0x0.
Thanks to everyone who dropped by our booth at the @apiglobal Industry Services 2023 Cybersecurity Conference! We’re looking forward to connecting with you more in the future. #APICybersecurity23 #offensivesecurity
Watch Shanni Prutchi discuss how to fortify your organization's incident response capabilities through combined #redteaming and tabletop exercises. Explore attack detection, response, and the importance of established processes in this video session. https://bfx.social/3Qtn7Cd
We are proud to be a sponsor of next week’s API Global Industry Services 2023 Cybersecurity Conference. You can find the Bishop Fox team over at Booth #101 handing out swag and ready to chat about our industry-leading #offensivesecurity solutions.
True or false: #FinServ organizations are more likely to have mature crisis management programs inclusive of testing #tabletop exercises and different data #breach scenarios to ensure optimal operation.
Discover the answer for yourself when you download the #PonemonInstitute #offensivesecurity report focusing on the financial services industry.
Another key finding from our study with the #PonemonInstitute: 63% of survey respondents reported that tabletop exercises were their most preferred type of #RedTeaming engagement. Organizations can use tabletop exercises to prepare for #cybersecurity incidents by establishing a plan to address weaknesses in the organization’s ability to prevent and recover from attacks.
To see more of the latest in #RedTeam and #offensivesecurity trends from our study, read this quick recap!
In our fireside chat with Rob Ragan, Damian Hasse, and Emily Choi-Greene, we’re talking all about #AI and #LLMs. Don’t miss this opportunity to stay ahead and embrace the future of AI, while safeguarding your enterprise’s #security!
FinServ orgs generally have a higher level of confidence in #offensivesecurity testing (67%) compared to other industries (52%). This underscores the belief that #offsectesting plays a crucial role in hardening defenses against major #security threats. Download your copy of “The Offensive Security Blueprint for #FinancialServices” to learn more!
Secure your perimeter and don’t leave #risk to chance. Check out this preview of “Cosmos: Protecting the Perimeter,” and download the full report for exclusive insights into lessons from 17,000 #attacksurface exposure datapoints. https://bfx.social/406xEb3
In this convo with Bishop Fox’s Trevin Edgeworth, you’ll discover how #RedTeaming can empower your organization to make confident decisions in challenging times.
Trevin has over 20 years of #offensivesecurity experience, including helping create #RedTeam programs at American Express, Capital One, and Symantec in addition to serving as #CISO at Norton Lifelock.
Join our session to get real-world perspective into the necessity of #RedTeaming; Trevin Edgeworth (Bishop Fox Red Team Practice Director) will delve into how this key #offensivesecurity practice can help unveil #security gaps, optimize resource allocation, and deliver scenario-based #testing. Register for this event happening October 24th! https://bfx.social/3Q44Cpa
According to our #offensivesecurity study with #PonemonInstitute, #RedTeaming is the 2nd most effective offensive security testing strategy, right behind #cloudsecurity testing. This trend is set to continue, and smart companies are taking notice.