Resource Center

We have seen many ICS attacks both in the news and in several talks at security conferences. They show how ICS protocols are insecure by default and how we can mess with control components so easily. However, from a consulting point of view, are we really asking our ICS clients to let us mess with their critical infrastructure just to show what we already know?

Tom Eston, AVP of Consulting at Bishop Fox, shares his best advice for becoming a successful manager and leader in the security industry.

Met aggressive Google Partner security requirements under tight deadlines without sacrificing quality.

Validated the security of its Kubernetes environments with independent cloud assessments, ensuring trust across its SaaS platform.

Get an independent analyst review of Cosmos (formerly CAST), Bishop Fox's continuous offensive security monitoring solution.

Overview of Bishop Fox’s methodology for hybrid application penetration testing.

Learn Bishop Fox's proven threat modeling approach. Proactively address security issues across your SDLC with in-depth threat analysis and mitigation strategies.

Overview of Bishop Fox’s methodology for external penetration testing.

Overview of Bishop Fox’s methodology for internal penetration testing.

When they needed a security assessment to meet the requirements of the Google Partner Security Program, Aspire came to Bishop Fox. Bishop Fox evaluated their application, Azure environment, and external perimeter. As a result, the Aspire team satisfied Google's requirements.

Gained complete attack surface visibility through always-on testing at scale, detecting and neutralizing risks as they appear.

Overview of Bishop Fox’s methodology for conducting product security reviews.

Underwent rigorous privacy audits and penetration testing for the FreeFlight 6 mobile app and API to ensure a secure user experience.

This guide covers what to expect when engaging Bishop Fox to perform a Google Nest Security Assessment, including timeline, scoping, scheduling, and reporting.

This guide covers what to expect when engaging Bishop Fox to perform a Google Partner OAuth Application security assessment, including project timeline, onboarding and scoping, and deliverables.

Proved the impact of micro-segmentation in slowing attackers with a custom testing methodology.

Presented at Black Hat 2020, this presentation looks at the most pragmatic ways to continuously analyze your AWS environments and operationalize that information to answer vital security questions. Demonstrations include integration between IAM Access Analyzer, Tiros Reachability API, and Bishop Fox CAST Cloud Connectors, along with a new open source tool SmogCloud to find continuously changing AWS internet-facing services.

Black Hat USA 2020 presentation looks at pragmatic ways to answer vital security questions in your AWS environment.

Illumio Field CTO Raghu Nandakumara and Bishop Fox Principal Researcher Rob Ragan discuss the efficacy of microsegmentation in this interview.

In this video, Dan Petro demonstrates how the Bishop Fox open source tool Dufflebag works.

In the talk: Demystifying CTFs, Barrett Darnell will provide an overview of CTF formats, the skills they require and the experience they develop, and conclude with a plethora of CTF resources for those wanting to participate.

If you’re a hacker who has always been too afraid of RF protocols to try getting into SDRs, or you have a HackRF collecting dust in your closet, this talk will show you the ropes.

Telerik UI for ASP.NET AJAX is a widely used suite of UI components for web applications.