Bishop Fox named “Leader” in 2024 GigaOm Radar for Attack Surface Management. Read the Report ›

Featured Resource

Cyber Resilience: Tactics for Post-Attack Recovery

Join Christie Terrill and Tom Eston as they share practical advice on the proactive security measures you can take today and provide a space to ask our security experts your most pressing questions.

Headshot of speaker Derek Rush with title text "Penetration Testing: Navigating PCI DSS Compliance"

Penetration Testing: Navigating PCI DSS Compliance

Join our webcast with Derek Rush, Managing Senior Consultant II, as we explore achieving PCI DSS compliance using targeted penetration testing. Discover vital strategies for securing payment environments against cyber threats through tests on applications, networks, and cloud services.

Screenshot of Caleb Gross in a video for News Insights focused on the Invanti vulnerability

News Insights: Boy, that Escalated Quickly - How Zero-Day Disclosures Alter Attacker Strategy

Caleb Gross, Director of Capability Development, gives his insight on the dynamics of exploit creation and execution and what organizations can do to not only mitigate risk from this event, but also stay focused on minimizing exposure across the business.

Black and dark purple background with speaker headshot on left side. Teal background in speaker headshot. White and teal letters.

GWT Java Deserialization: Unpatched and Unauthenticated

Watch our exclusive livestream with Ben Lincoln, Managing Principal at Bishop Fox, to learn about GWT web application vulnerabilities, exploitation strategies, and security enhancement recommendations.

Pwing the Domain with Silver Framework with purple and black background.

Pwning the Domain with Sliver Framework

Senior security expert Jon Guild demonstrates how to use the Sliver C2 framework to develop advanced offensive security skills. Arm yourself with the knowledge and skills of enumeration, lateral movement, and escalation techniques from first-hand experience in a vulnerable lab environment.

Video player with Trevin Edgeworth, Red Team Practice Director

News Insights: Patch Procrastination with Trevin Edgeworth, Director of Red Team

Bishop Fox's Red Team Director, Trevin Edgeworth, spotlights two notable vulnerabilities - left unpatched for years on end and discusses how unpatched vulnerabilities can wreak havoc on businesses. One, an unpatched six-year-old flaw in Microsoft Office, the other in Google Web Toolkit (GWT), unaddressed for eight years.

Thumbnail of Bishop Fox Video News Insights X Marks Target featuring Trevin Edgeworth.

News Insights: Does X Mark a Target? with Trevin Edgeworth, Director of Red Team

In light of the recent security breaches involving Bitcoin and SEC’s X account, our Red Team Practice Director, Trevin Edgeworth, analyzes the role of fluctuating security programs in these incidents. He discusses how attackers exploit confusion, communication gaps, and vague policies, and identifies weak points in shared security responsibility.

Headshot of Dardan Prebreza, senior security consultant and webcast title: "How does social engineering works? From planning to execution"

How Does Social Engineering Work? From Planning to Execution

Join our webcast as we navigate the complex terrain of social engineering, offering insights into its various stages from planning to execution, common phishing techniques, and the necessity of ongoing vigilance and proactive strategies to combat this pervasive issue.


Cosmos Datasheet

Learn how Cosmos combines attack surface management with expert-driven penetration testing to help security teams identify and remediate dangerous exposures before attackers can exploit them.
Managed Security Service: Cosmos External Penetration Testing (CEPT) datasheet pages thumbnail floating on dark background..

Cosmos External Penetration Testing (CEPT) Datasheet

Learn how Cosmos External Penetration Testing (CEPT) expands the scope of Cosmos Attack Surface Management to deliver the highest level of attack surface protection and meet compliance requirements.

Managed Service Cosmos Attack Surface Management datasheet cover pages floating on dark background.

Cosmos Attack Surface Management (CASM) Datasheet

Learn how this innovative managed service combines advanced attack surface technology with expert-driven testing to help you quickly close the window of vulnerability and strengthen resilience against ever-changing threats.
Managed Security Service: Cosmos Application Penetration Testing (CAPT) datasheet pages floating on dark background.

Cosmos Application Penetration Testing (CAPT) Datasheet

Learn how to strengthen the security of your critical business applications with authenticated assessments that uncover the full spectrum of exposures above and below the surface.
2024 Q2 CAPT Methodology Digital Tile

Cosmos Application Penetration Testing Methodology

This methodology document provides an overview of Bishop Fox's Cosmos Application Penetration Testing engagements.

This site uses cookies to provide you with a great user experience. By continuing to use our website, you consent to the use of cookies. To find out more about the cookies we use, please see our Privacy Policy.