Security Perspectives

Security Perspective

Are You Giving Out Cheat Codes if You Whitelist Pen Testers?

Jul 29, 2020

Have specific goals for a pen test to determine whether or not to whitelist (or safelist). Whitelisting IP addresses helps pen testers access a network.

By Brianne Hughes

Security Perspective

An Updated Guide to Do-It-Yourself Network Segmentation

Jul 23, 2020

Bishop Fox's updated guide to do-it-yourself network segmentation shows how to practically and inexpensively ensure network security for home or business.

By Matt Keeley

Security Perspective

Delivering Peace of Mind About New Citrix Emerging Threat

Jul 8, 2020

Citrix announced 11 CVEs that impact its ADC, Gateway, and SDWAN WANOP products. Bishop Fox's Continuous Attack Surface Testing team protected our clients.

By Barrett Darnell

Security Perspective

SkillBridge Paves the Way for Service Members

Jul 8, 2020

Bishop Fox supports the SkillBridge program, which gives military personnel hands-on experience for the career they intend to pursue in civilian life.

By Brianne Hughes

Security Perspective

Stop Treating Breaches Like Natural Disasters: A New Mindset for Application Security

Jun 25, 2020

Security Determinism puts application security within our control. Dan Petro shows how sound software engineering helps prevent vulnerabilities & breaches.

By Dan Petro

Security Perspective

A Guide to Digital Reconnaissance

Jun 16, 2020

Dan Wood gives insight into the world of digital reconnaissance, a way of collecting intelligence about a target without actively interacting with systems.

By Daniel Wood

Security Perspective

Lessons Learned from Years of Red Teaming in Cybersecurity

Jun 9, 2020

Daniel Wood discusses lessons learned from years of red teaming, involving critical thinking and adopting an adversarial mindset to prevent cyber attacks.

By Daniel Wood

Security Perspective

Quantifying the Impact of Micro-Segmentation

Jun 4, 2020

Bishop Fox created a testing environment and assessment methodology for Illumio focused on network segmentation, reconnaissance, and network discovery.

By Bishop Fox

Security Perspective

Invest in Trusted Partners, Not Crowdsourcing, for Continuous Security

Jun 3, 2020

Joe Sechman discusses the limitations of crowdsourcing vs. the security assurance, quality of service, and scalability of continuous attack surface testing.

By Joe Sechman

Security Perspective

Applying Elite Military Training to Civilian Assessments

May 26, 2020

By Brianne Hughes

Security Perspective

Security Lessons From Hacker-Themed Board Games

May 22, 2020

A way to prepare for real security events is to simulate them through gamification. Test your crisis management abilities with hacker-themed board games.

By Brianne Hughes

Security Perspective

A Closer Look at the US-CERT Top 10 Vulnerabilities List

May 21, 2020

Bishop Fox's Daniel Wood analyzes the US-CERT Top 10 Vulnerabilities List, including attacks on Microsoft Office, VPNs, and the use of social engineering.

By Daniel Wood

Security Perspective

An Introduction to the OWASP IoT Top 10

Apr 23, 2020

Bishop Fox highlights the OWASP IoT top 10 security risks, including weak passwords, insufficient privacy protection, and insecure ecosystem interfaces.

By Britt Kemp

Security Perspective

How to Keep Your Business Secure During the COVID-19 Pandemic

Mar 17, 2020

Bishop Fox's Daniel Wood discusses how to keep businesses and their now-remote employees secure from cyber attacks during the COVID-19 coronavirus pandemic.

By Daniel Wood

Security Perspective

What Is XSS?: An Overview

Mar 16, 2020

Bishop Fox explains cross-site scripting (XSS), an OWASP Top 10 injection attack vulnerability, its different varieties, and tips to prevent an attack.

By Britt Kemp

Security Perspective

Staying Ahead of Emerging Threats

Mar 5, 2020

Bishop Fox's Continuous Attack Surface Testing managed security service helped clients when a critical-severity vulnerability threatened Citrix appliances.

By Ori Zigindere

Security Perspective

How to Prevent the OWASP Top 10

Feb 10, 2020

Bishop Fox highlights how to prevent the OWASP top 10, the most common high risk vulnerabilities such as sensitive data exposure and cross-site scripting.

By Britt Kemp

Security Perspective

Identifying the Modern Attack Surface

Jan 28, 2020

For the new Bishop Fox Inside Engineering series, Brad Sickles shares how his team used the frameworks they built to define the modern attack surface.

By Brad Sickles

Security Perspective

7 of the Most Memorable CVEs of 2019

Dec 30, 2019

As we end this year, we’re taking a look back at some of the vulnerabilities that made headlines, scared us a little bit, and stirred us to apply patches.

By Britt Kemp

Security Perspective

The Pen Testing Tools We’re Thankful for This Season

Nov 28, 2019

Recap of Bishop Fox's penetration testing tools for 2019.

By Britt Kemp

Security Perspective

Scary Security Stories to Tell in the Dark

Oct 31, 2019

Three scary cybersecurity stories for Halloween: hacking mass transit, deepfakes and smart homes.

By Britt Kemp

Security Perspective

Introducing cyber.dic

Sep 30, 2019

Cyber.dic is a tool for security professionals who find that everyday technical terms are underlined in red in their emails, reports, and presentations.

By Brianne Hughes, Catherine Lu

Security Perspective

OpenEMR 5.0.1(6) - Technical Advisory Release

Sep 11, 2019

Bishop Fox researcher Chris Davis identified high and medium-risk security issues in a popular open source healthcare. This blog post provides an overview of those findings.

By Chris Davis

Security Perspective

Cybersecurity Fatalism - How It Poisons Your Decision Making

Sep 2, 2019

Cybersecurity fatalism is a tempting mindset to fall into, but it's not a healthy one - or, as Bishop Fox researcher Dan Petro says, "it's bad and wrong".

By Dan Petro
