Understand how Red Teaming can be your ultimate strategic "Sanity Check" Register now ›
See how continuous testing and attack surface management can help you defend forward.
Meet Cosmos (formerly CAST): the continuous offensive security platform designed to provide proactive defense.
Get unmatched visibility into your changing external attack surface with continuous discovery and mapping.
Eliminate noise and discover critical exposures, including steppingstones to more complex attack chains.
Emulate real-world attacks to understand exposures and post-exploitation pathways, then operationalize findings to close attack windows.
The Best Defense is a Great Offense
Ensure your applications are secure and improve your DevSecOps practices.
Get a holistic view of your ability to defend against a real-world attack.
Validate interconnected devices and products are secure against attackers.
Assess cloud security posture with expert testing and analysis of your environment.
Get insight into how skilled adversaries could establish network access and put sensitive systems and data at risk.
We're proud to work with Google, Facebook, and Amazon to increase security in their partner ecosystems.
New SANS Research!
We surveyed 300+ hackers to gain insight into how they think, the tools they use, their speed, and favorite targets. See what we found.
Discover new offensive security resources, ranging from reports and eBooks to slide decks from speaking gigs.
Explore the latest security bulletins and advisories released by our team.
Dive into our blog for insights and perspectives from our offensive security experts.
We are the innovators behind some of the most popular open source security tools. Check them out here!
Learn more about our research — and our commitment to openly sharing information.
Why Partner with Us?
Independent Assessment by TAG Cyber
Learn about our partner programs and see how we can work together to provide best-in-class security offerings.
Check out our awesome ecosystem of trusted partners to find the right solution for your needs.
Explore partnership opportunities and apply to join forces with Bishop Fox.
We're proud to work with Google, Facebook, and Amazon to increase the security of their partner ecosystems.
Be part of an elite team and work on projects that have a real impact.
Get to know us. Learn about our roots and see why we're on a mission to improve security for all.
Join us at an upcoming event or peruse our speaking engagements, past and present.
Read the latest articles, announcements, and press releases from Bishop Fox.
Want to get in touch? We're ready to connect.
We're hiring! Explore our open positions and discover why the Fox Den is a great place to build your career.
Starting your offensive security journey? Check out our internships and educational programs.
¡Celebramos! Bishop Fox is now in Mexico. Learn more about our expansion.
Shubham Shah is a security researcher. He was formerly a consultant at Bishop Fox.
Sep 08, 2016
Accellion Kiteworks Multiple Vulnerabilities
Aug 27, 2015
ColdFusion Bomb: A Chain Reaction From XSS to RCE
Adobe ColdFusion Reflected Cross-Site Scripting Flaw