Bishop Fox named “Leader” in 2024 GigaOm Radar for Attack Surface Management. Read the Report ›
Penetration Testing: Navigating PCI DSS Compliance
Join our webcast with Derek Rush, Managing Senior Consultant II, as we explore achieving PCI DSS compliance using targeted penetration testing. Discover vital strategies for securing payment environments against cyber threats through tests on applications, networks, and cloud services.
News Insights: Boy, that Escalated Quickly - How Zero-Day Disclosures Alter Attacker Strategy
Caleb Gross, Director of Capability Development, gives his insight on the dynamics of exploit creation and execution and what organizations can do to not only mitigate risk from this event, but also stay focused on minimizing exposure across the business.
GWT Java Deserialization: Unpatched and Unauthenticated
Watch our exclusive livestream with Ben Lincoln, Managing Principal at Bishop Fox, to learn about GWT web application vulnerabilities, exploitation strategies, and security enhancement recommendations.
Pwning the Domain with Sliver Framework
Senior security expert Jon Guild demonstrates how to use the Sliver C2 framework to develop advanced offensive security skills. Arm yourself with the knowledge and skills of enumeration, lateral movement, and escalation techniques from first-hand experience in a vulnerable lab environment.
News Insights: Patch Procrastination with Trevin Edgeworth, Director of Red Team
Bishop Fox's Red Team Director, Trevin Edgeworth, spotlights two notable vulnerabilities - left unpatched for years on end and discusses how unpatched vulnerabilities can wreak havoc on businesses. One, an unpatched six-year-old flaw in Microsoft Office, the other in Google Web Toolkit (GWT), unaddressed for eight years.
News Insights: Does X Mark a Target? with Trevin Edgeworth, Director of Red Team
In light of the recent security breaches involving Bitcoin and SEC’s X account, our Red Team Practice Director, Trevin Edgeworth, analyzes the role of fluctuating security programs in these incidents. He discusses how attackers exploit confusion, communication gaps, and vague policies, and identifies weak points in shared security responsibility.
Subscribe to Bishop Fox's Security Blog
Be first to learn about latest tools, advisories, and findings.
Thank You! You have been subscribed.
How Does Social Engineering Work? From Planning to Execution
Join our webcast as we navigate the complex terrain of social engineering, offering insights into its various stages from planning to execution, common phishing techniques, and the necessity of ongoing vigilance and proactive strategies to combat this pervasive issue.
Cloud Security Podcast: CloudFoxable Demo
Watch the CloudFoxable demo to see a gamified cloud hacking sandbox where users can find latent attack paths in an intentionally vulnerable AWS environment.
The "New CISO" Special: Organizing the Chaos
With Senior Solutions Architect Matt Twells, Bishop Fox offers a comprehensive guide to ease into your role confidently, providing a strategic framework to streamline your initial efforts.
News Insights: 23AndMe with Alethe Denis, Security Expert - Red Team
Alethe Denis, a Bishop Fox Senior Red Team consultant and Social Engineering expert, reveals her quick-take perspective on what she sees as different about the 23AndMe breach, and how it’s viewed by someone who is a career social engineer.
Cloud Security Podcast: Cloud Pen Test of AWS with Open Source
Hear from Bishop Fox's Seth Art in Episode 161 of Cloud Security Podcast as he shares his extensive experience with cloud penetration testing.
A Practical Guide to Operationalizing the FDA's 2023 Cybersecurity Requirements
Join our webcast with Matt Twells to understand the impact of the FDA's HR.2617 legislation on medical device cybersecurity, learn how to build a robust plan, address vulnerabilities, manage supply chain risks, and anticipate future trends.