Resource Center

Explore key findings and insights from the CRA Business Intelligence Cloud Security Survey of more than 300 security leaders & practitioners.

Tune into our webcast to learn more about Attack Surface Management and tips for evaluating solutions. GigaOm analyst Chris Ray joins us to share his insights!

In our sixth edition of the Tool Talk series, we explore a new test harness for discovering and crafting Ruby exploits.

In our fifth edition of the Tool Talk series, we explore ripgen, a subdomain discovery tool designed to significantly increase permutation combinations.

Uncover your organization’s unique cost savings and risk mitigation strategy for a continuous offensive testing solution with our customized ROI calculation.

Examine your organization’s level of ransomware preparedness through the lens of offensive security considerations.

Overview of Bishop Fox’s methodology for Secure Code Review.

Explore the benefits of continually hacking yourself to discover new assets (including many you don’t even know you have) and their associated vulnerabilities.

To ensure your security investments offer complete visibility into your attack surface and uncover critical risks at scale, we've compiled questions to help you evaluate solutions. We focus on six key areas: attack surface discovery, exposure identification, triage, validation, remediation, and outputs.

Comprehensive overview of the fast-growing Attack Surface Management category from the cybersecurity experts at Security Weekly Labs.

SW Labs assessed Bishop Fox’s Cosmos (formerly CAST) the “Best Emerging Technology" Attack Surface Management Platform of 2021.

See how low-risk exposures can become catalysts for destructive attacks. We include examples of exposures found in real-world environments, including a step-by-step view into how ethical hackers exploited them to reach high-value targets.

On-demand webcast offers an in-depth look at how DevOps can integrate both automated and manual code review into the software development lifecycle.

In the hands of skilled attackers, many "low risk" exposures serve as launching pads or steppingstones to more complex and destructive attacks. Join our webcast as we dive into real-world examples.

What if security could become an integral framework within the software development process? Join Tom Eston and Chris Bush to learn how Threat Modeling is changing the way organizations manage application security risks.

Get the buzz on fuzz testing in software development.

On-demand webcast provides an in-depth look at using Continuous Attack Surface Testing (CAST) to identify and close attack windows before it’s too late.

This handy guide provides a list of great resources for learning to be a pen tester.

On-demand webcast explores how the right DevSecOps strategy empowers both your security and development teams.

On-demand webcast dives into the role of application penetration testing in today’s software development lifecycle (SDLC).

Apollo selected Bishop Fox to perform a Google Security Assessment to evaluate the security of its application, external perimeter, and Google Cloud Platform (GCP) environment, as well as conduct a review of its responses to Google’s required self-assessment questionnaire (SAQ).

In Episode 1 of our Tool Talk series we explore Eyeballer, an AI-powered, open-source tool designed to help penetration testers assess large-scale external perimeters.

This slide deck includes:

• Fuzzing Basics
• How Fuzzing Works
• Popular Fuzzing Tools

Join our panelists as they dive into the attacker’s perspective and how you can identify unusual activity and harden systems against further compromise.