Resource Center

Illumio, Inc. engaged Bishop Fox to measure the effectiveness of Illumio Core for blue teams to detect and contain a ransomware attack. The report details the findings identified during the course of the engagement, which started on March 10, 2022.

Watch the lineup of leaders & influencers from the infosec community who joined us live at DEF CON 30!

In our third edition of the Tool Talk series, we dive into the open-source tool Nuclei, a fast and customizable vulnerability scanner based on simple YAML-based DSL.

Will Lin, founding team member at ForgePoint Capital (and investor in Bishop Fox) and co-creator of the CISO community Security Tinkerers, discusses his passion for technology and how it led him to a career helping security companies launch, as well as his work supporting CISOs through collaboration and knowledge sharing.

Explore key findings and insights from the CRA Business Intelligence Cloud Security Survey of more than 300 security leaders & practitioners.

Tune into our webcast to learn more about Attack Surface Management and tips for evaluating solutions. GigaOm analyst Chris Ray joins us to share his insights!

In our sixth edition of the Tool Talk series, we explore a new test harness for discovering and crafting Ruby exploits.

In our fifth edition of the Tool Talk series, we explore ripgen, a subdomain discovery tool designed to significantly increase permutation combinations.

Uncover your organization’s unique cost savings and risk mitigation strategy for a continuous offensive testing solution with our customized ROI calculation.

Examine your organization’s level of ransomware preparedness through the lens of offensive security considerations.

Overview of Bishop Fox’s methodology for Secure Code Review.

Explore the benefits of continually hacking yourself to discover new assets (including many you don’t even know you have) and their associated vulnerabilities.

To ensure your security investments offer complete visibility into your attack surface and uncover critical risks at scale, we've compiled questions to help you evaluate solutions. We focus on six key areas: attack surface discovery, exposure identification, triage, validation, remediation, and outputs.

SW Labs assessed Bishop Fox’s Cosmos (formerly CAST) the “Best Emerging Technology" Attack Surface Management Platform of 2021.

Comprehensive overview of the fast-growing Attack Surface Management category from the cybersecurity experts at Security Weekly Labs.

See how low-risk exposures can become catalysts for destructive attacks. We include examples of exposures found in real-world environments, including a step-by-step view into how ethical hackers exploited them to reach high-value targets.

On-demand webcast offers an in-depth look at how DevOps can integrate both automated and manual code review into the software development lifecycle.

In the hands of skilled attackers, many "low risk" exposures serve as launching pads or steppingstones to more complex and destructive attacks. Join our webcast as we dive into real-world examples.

What if security could become an integral framework within the software development process? Join Tom Eston and Chris Bush to learn how Threat Modeling is changing the way organizations manage application security risks.

Get the buzz on fuzz testing in software development.

On-demand webcast provides an in-depth look at using Continuous Attack Surface Testing (CAST) to identify and close attack windows before it’s too late.

This handy guide provides a list of great resources for learning to be a pen tester.

On-demand webcast explores how the right DevSecOps strategy empowers both your security and development teams.

On-demand webcast dives into the role of application penetration testing in today’s software development lifecycle (SDLC).