Let's connect at an
upcoming event!

Security leaders from P0 Security and Sphere discuss how organizations can better manage the explosion of digital identities in complex cloud environments, with special focus on often-overlooked machine identities that now vastly outnumber human users.

Rob Ragan will dive into how fine-tuning LLMs on sensitive data raises serious privacy and security concerns — and what to watch out for.

Hear from Anirban Banerjee, CEO and Co-founder of Riscosity, and Matt Twells, Sr. Solution Architect at Bishop Fox, as they explore critical considerations for developing a security program that prioritizes third-party risk reduction.

Justin Rhinehart distills for us and the broader public how this type of “marquee” research comes to market in an ethical and responsible way. Watch Now!

David Bravo will lead an AWS hacking course focused on helping security pros find and exploit common vulnerabilities in AWS environments.

Berenice Flores will share research on how she compromised a Machine Learning framework and quickly escalated privileges within an AWS account.

Tune into our special livestream event where we highlight the remarkable achievements of women in the field of cybersecurity, celebrating their contributions during Women's History Month.

Security Consultant Derek Rush shares how organizations can transform mandatory PCI penetration tests from compliance exercises into meaningful security assessments by following industry guidance and adopting attacker-focused methodologies.

We’re excited to join HackGDL, where Berenice Flores, Hector Cruz, and Ivan Sanchez from our team will be sharing their insights. Looking forward to connecting with the local security community!

Dive into the world of AI-driven job searching with @Kaitlin O'Neil! Join us for a Discord exclusive workshop on March 1 for an in-depth exploration of ChatGPT and other AI tools.

Security expert Caleb Gross explains how the rapid exploitation of Ivanti VPN vulnerabilities demonstrates why organizations need a fundamental shift in how they approach emerging threats—moving beyond reactive patching to comprehensive asset visibility.

Security expert Ben Lincoln reveals a critical vulnerability in the Google Web Toolkit (GWT) that allows attackers to compromise Java web applications through deserialization attacks—even when authentication is required.

Bishop Fox is proud to present at the CactusCon 12 from February 16-17, 2024. Several Foxes will be presenting on a variety of topics including: Kaitlin O'Neil (Recruiting Manager), Alissa Gilbert (Solutions Architect), and David Bravo (Security Consultant III).

We’re excited to share that Rob Ragan will be speaking at the Boston Security Meetup this February. Looking forward to great conversations with the local security community!

Understand the impact of the FDA's HR.2617 legislation on medical device cybersecurity, learn how to build a robust plan, address vulnerabilities, manage supply chain risks, and anticipate future trends.

Security expert John Guylde demonstrates sophisticated techniques for escalating from domain user to Enterprise Admin using the Sliver C2 framework. Learn how to leverage Kerberos delegation, trust relationships, and SID history to compromise even well-segmented Active Directory environments.

Security expert Dardan Prebreza reveals the sophisticated techniques behind modern social engineering attacks—from initial reconnaissance to exploitation—and provides actionable strategies to strengthen your organization's human security layer.

Red Team Practice Director Trevin Edgeworth explains how attackers use long-standing vulnerabilities as intelligence about an organization's security maturity, helping them craft more effective and stealthy attack strategies beyond simply exploiting the vulnerabilities themselves.

Recruiting Manager Kaitlin O'Neil will be speaking at IWCON 2023 on cybersecurity job advice, specifically how to "hack" the hiring process.

Discover the power of Swagger Jacker, an open-source audit tool designed to improve inspection of unintentionally exposed OpenAPI definition files for penetration testers.

Whether you're stepping into your first CISO role or taking charge of a security program, those initial months can feel like trying to eat an elephant whole. This presentation offers a practical framework for getting your arms around the chaos.

Uncover how purple teaming can transform cybersecurity from a perceived cost center to a revenue-protecting asset. Ryan Basden, Red Team security consultant, will guide you through establishing security baselines, validating investments, and formulating a roadmap for growth.

Join Us at SecurityWeek’s Cyber AI & Automation Summit! We’re excited to take part in the inaugural event, where we’ll explore how AI, machine learning, and automation are reshaping modern cybersecurity.

See You at the H-ISAC Fall Americas Summit! We’re looking forward to joining the community in San Antonio, Texas for this year’s H-ISAC Fall Americas Summit. Let’s connect!