Resource Center

Learn how Adversarial Controls Testing uses an attack-based approach mapped to the MITRE ATT&CK framework to determine the effectiveness of your email/phishing, endpoint, and network security controls.

Gain in-depth view into DORA’s threat-led penetration testing framework with practical guidance on how to integrate offensive security services.

Watch this video to see how you can streamline vulnerability management — from identification to remediation — with Cosmos integration for ServiceNow.

Watch this video to see how you can streamline vulnerability management — from identification to remediation — with Cosmos integration for Jira®.

Bishop Fox’s comprehensive DORA FAQ guide walks you through everything you need to know about fulfilling these critical requirements. This resource is a must-have for financial institutions looking to stay ahead of DORA’s complex compliance landscape.

Hear from Héctor Cuevas Cruz as he shares his career from early days in DragonJAR forum to how he's become a team leader of hackers for Bishop Fox.

In this webcast, Senior Security Consultant Brandon Kovacs aims to illuminate the sophisticated capabilities that AI brings to the table in creating hyper-realistic deepfakes and voice clones.

Download Bishop Fox's app pen testing packages methodology. Learn our Baseline, Standard, and Advanced approaches to scaling security testing coverage.

Get detailed insights into how Bishop Fox conducts Adversarial Controls Testing (ACT) engagements. This comprehensive methodology document outlines the step-by-step process, collaboration model, example test cases, and delineation of responsibilities critical to validating your security controls.

Join us for a livestream from DEF CON 32 to hear seasoned hackers and cybersecurity experts inspire and empower the tech community to reclaim the security landscape through active engagement and innovation.

Bishop Fox Security Consultant, Nisk Cerne discovered and worked with Traeger Grills to disclose a vulnerability in the company’s embedded Wi-Fi Controller that allows users to connect to and control their grills remotely.

Join Alissa Gilbert (dnsprincess) as she dispels myths around RF tracking, negates some fears, and gives completely new ones in its place.

In this expert-led session, security leaders discuss the critical challenges and solutions for managing identities in complex cloud environments. Learn how to tackle machine identities, implement continuous hygiene practices, and leverage AI for enhanced security posture.

McKinsey cybersecurity leaders share essential strategies for translating complex security challenges into business-focused board discussions. Learn how to effectively communicate risk, establish meaningful metrics, and build productive partnerships with your organization's leadership.

Veteran intelligence leaders David Etue and Nick Selby reveal what separates effective cyber threat intelligence from mere data collection. Learn how to develop intelligence capabilities that communicate meaningful risk to executives and deliver actionable insights to technical teams.

Security leaders from Reddit, Meta, and SeatGeek share battle-tested approaches for scaling application security in fast-moving environments. Learn how these organizations are shifting from vulnerability hunting to building secure-by-default ecosystems that empower rather than hinder development teams.

Veteran security leader Nate Lee reveals how effective cybersecurity depends as much on relationship-building as technical expertise. Learn practical strategies for gaining organizational trust, communicating effectively, and driving security initiatives through persuasion rather than mandate.

Security researcher and YouTube educator John Hammond shares insights on effective red teaming that balances technical depth with business impact. Learn how threat intelligence, fundamentals-focused security, and emerging technologies shape today's offensive security landscape.

Marketing executive Charrah Hardamon shares insights on tackling the security challenges of modern SaaS ecosystems. Learn practical approaches to managing vendor relationships, implementing appropriate controls, and addressing AI integration without compromising data security.

Veteran security leader Dave Lewis shares his philosophy on transforming struggling teams into high-performers through trust, communication, and empathy. Learn practical approaches to leadership that enable both individual growth and organizational security.

Security pioneer Robert "RSnake" Hansen shares insights from his book "AI's Best Friend," revealing why artificial intelligence without moral frameworks poses unprecedented dangers that regulation alone cannot address.

The presentation delves into securing AI & LLMs, covering threat modeling, API testing, red teaming, emphasizing robustness & reliability, sparking conversation on our interactions with GenAi.

Justin Rhinehart distills for us and the broader public how this type of “marquee” research comes to market in an ethical and responsible way. Watch Now!