Featured Guides & Report
Red Team Readiness Assessment
The Red Team Readiness Assessment is a guided self-assessment worksheet that helps security teams evaluate their preparedness, align stakeholders, and plan more effective Red Team engagements. Use it to define objectives, set scope, and establish the protocols needed for a successful simulation.
Fortifying Your Applications: A Guide to Penetration Testing
Download this eBook to explore key aspects of application penetration testing, questions to ask along the way, how to evaluate vendors, and our top recommendations to make the most of your pen test based on almost two decades of experience and thousands of engagements.
Ready or Not: A Ransomware Self-Assessment
Fill out Bishop Fox’s ransomware self-assessment to see how your program stacks up to rigorous offensive security preparation.
Shifting Left: A DevSecOps Field Guide
Our eBook offers practical recommendations on how developers and security teams alike can move towards a DevSecOps model in any organization – with a goal of shared responsibility and creating a perpetual and repeatable process.
Looking Toward the Cosmos: Making the Case for Continuous Offensive Security
Download this eBook to uncover the factors and inputs used in our customizable ROI calculator that are critical to making the business case for continuous offensive testing. The output of the calculator is intended to help you draw a direct line from investment to risk mitigation that can be communicated to both technical and non-technical decision makers.
Greatest Hits: A Compilation of Our Favorite Offensive Testing Tools
What’s better than a Top 10 List? An ultimate guide of all our favorite lists – from red team and cloud penetration tools TO our favorite music to hack to and the best reads for your offensive security journey. We’ve got you covered to level up your penetration testing game with this comprehensive guide of hacking goodies.
asminject.py: Compromise Trusted Linux Processes and Containers
This step-by-step technical guide highlights the capabilities of asminject.py, a code injection tool used to compromise Linux processes and containers.
Ransomware Scenario Emulation Report with Illumio
Illumio, Inc. engaged Bishop Fox to measure the effectiveness of Illumio Core for blue teams to detect and contain a ransomware attack. The report details the findings identified during the course of the engagement, which started on March 10, 2022.
CyberRisk Alliance Cloud Adoption Security Report
Explore key findings and insights from the CRA Business Intelligence Cloud Security Survey of more than 300 security leaders & practitioners.
Evaluating Offensive Security Solutions: Top 50 Questions to Ask
To ensure your security investments offer complete visibility into your attack surface and uncover critical risks at scale, we've compiled questions to help you evaluate solutions. We focus on six key areas: attack surface discovery, exposure identification, triage, validation, remediation, and outputs.
SW Labs Product Review: Cosmos Attack Surface Management Platform
SW Labs assessed Bishop Fox’s Cosmos (formerly CAST) the “Best Emerging Technology" Attack Surface Management Platform of 2021.
SW Labs Category Overview: Attack Surface Management (ASM) Solutions
Comprehensive overview of the fast-growing Attack Surface Management category from the cybersecurity experts at Security Weekly Labs.
The Wolf in Sheep’s Clothing
See how low-risk exposures can become catalysts for destructive attacks. We include examples of exposures found in real-world environments, including a step-by-step view into how ethical hackers exploited them to reach high-value targets.