Discover offensive security resources ranging from reports and guides to our latest webcasts and livestreams.
AI's Dark Potential: Robert Hansen, RSnake and Author of AI's Best Friend, Warns of Superintelligence Risks
Security pioneer Robert "RSnake" Hansen shares insights from his book "AI's Best Friend," revealing why artificial intelligence without moral frameworks poses unprecedented dangers that regulation alone cannot address.
Testing LLM Algorithms While AI Tests Us
The presentation delves into securing AI & LLMs, covering threat modeling, API testing, red teaming, emphasizing robustness & reliability, sparking conversation on our interactions with GenAi.
Behind closed (but vulnerable) doors: How do we get research like Unsaflok?
Justin Rhinehart distills for us and the broader public how this type of “marquee” research comes to market in an ethical and responsible way. Watch Now!
Bishop Fox RSAC 2024 Livestream
Join us for our 2nd Annual Bishop Fox RSAC Livestream event - an electrifying convergence where innovation meets expertise in the realm of cybersecurity.
Cyber Resilience: Tactics for Post-Attack Recovery
Join Christie Terrill and Tom Eston as they share practical advice on the proactive security measures you can take today and provide a space to ask our security experts your most pressing questions.
Mitigate Third-Party Risks by Strengthening Security Foundations
Hear from Anirban Banerjee, CEO and Co-founder of Riscosity, and Matt Twells, Sr. Solution Architect at Bishop Fox, as they explore critical considerations for developing a security program that prioritizes third-party risk reduction.
Women in Cybersecurity: Breaking Codes, Breaking Barriers
Tune into our special livestream event where we highlight the remarkable achievements of women in the field of cybersecurity, celebrating their contributions during Women's History Month.
Pathways in Security: 21 Questions with Attack Surface Analyst Sarah Muriel
Get to know our Lady Foxes in our "21 Questions with Bishop Fox" video series. In this episode, hear from Sarah Muriel, Attack Surface Analyst
Women in Cybersecurity: 21 Questions with Security Consultant Lindsay Von Tish
Get to know our Lady Foxes in our "21 Questions with Bishop Fox" video series. In this episode, hear from Lindsay Von, Security Consultant II.
Beyond Checkbox Compliance: Maximizing Security Value from PCI DSS Penetration Testing
Security Consultant Derek Rush shares how organizations can transform mandatory PCI penetration tests from compliance exercises into meaningful security assessments by following industry guidance and adopting attacker-focused methodologies.
The Zero-Day Arms Race: Why Asset Management Trumps Vulnerability Whack-a-Mole
Caleb Gross, Director of Capability Development, gives his insight on the dynamics of exploit creation and execution and what organizations can do to not only mitigate risk from this event, but also stay focused on minimizing exposure across the business.
Exploiting Java Deserialization in GWT: From Detection to Command Execution
Watch our exclusive livestream with Ben Lincoln, Managing Principal at Bishop Fox, to learn about GWT web application vulnerabilities, exploitation strategies, and security enhancement recommendations.
Sliver Mastery: Dominating Active Directory Through Advanced Trust Exploitation
Senior security expert Jon Guild demonstrates how to use the Sliver C2 framework to develop advanced offensive security skills. Arm yourself with the knowledge and skills of enumeration, lateral movement, and escalation techniques from first-hand experience in a vulnerable lab environment.
Does X Mark a Target? with Trevin Edgeworth, Director of Red Team
In light of the recent security breaches involving Bitcoin and SEC’s X account, our Red Team Practice Director, Trevin Edgeworth, analyzes the role of fluctuating security programs in these incidents. He discusses how attackers exploit confusion, communication gaps, and vague policies, and identifies weak points in shared security responsibility.
What Unpatched Vulnerabilities Reveal: A Red Teamer's Perspective by Trevin Edgeworth, Director of Red Team
Bishop Fox's Red Team Director, Trevin Edgeworth, spotlights two notable vulnerabilities - left unpatched for years on end and discusses how unpatched vulnerabilities can wreak havoc on businesses. One, an unpatched six-year-old flaw in Microsoft Office, the other in Google Web Toolkit (GWT), unaddressed for eight years.
How Does Social Engineering Work? From Planning to Execution
Join our webcast as we navigate the complex terrain of social engineering, offering insights into its various stages from planning to execution, common phishing techniques, and the necessity of ongoing vigilance and proactive strategies to combat this pervasive issue.
Cosmos Datasheet
| Learn how Cosmos combines attack surface management with expert-driven penetration testing to help security teams identify and remediate dangerous exposures before attackers can exploit them. |
Cosmos Attack Surface Management (CASM) Datasheet
| Learn how this innovative managed service combines advanced attack surface technology with expert-driven testing to help you quickly close the window of vulnerability and strengthen resilience against ever-changing threats. |
CloudFoxable: A Practical Demo of AWS Cloud Security Misconfiguration Attacks
Watch the CloudFoxable demo to see a gamified cloud hacking sandbox where users can find latent attack paths in an intentionally vulnerable AWS environment.
The New CISO Special: Organizing the Chaos in Your First 100 Days
With Senior Solutions Architect Matt Twells, Bishop Fox offers a comprehensive guide to ease into your role confidently, providing a strategic framework to streamline your initial efforts.
Cloud Security Podcast: Cloud Pen Test of AWS with Open Source
Hear from Bishop Fox's Seth Art in Episode 161 of Cloud Security Podcast as he shares his extensive experience with cloud penetration testing.
News Insights: 23AndMe with Alethe Denis, Security Expert - Red Team
Alethe Denis, a Bishop Fox Senior Red Team consultant and Social Engineering expert, reveals her quick-take perspective on what she sees as different about the 23AndMe breach, and how it’s viewed by someone who is a career social engineer.
Red Team Datasheet
| Learn how our engagements align to your targeted outcomes, purpose-built to emulate specific attack types, worrisome adversary groups, and emerging tactics that present the greatest risk to your environment. |
A Practical Guide to Operationalizing the FDA's 2023 Cybersecurity Requirements
Join our webcast with Matt Twells to understand the impact of the FDA's HR.2617 legislation on medical device cybersecurity, learn how to build a robust plan, address vulnerabilities, manage supply chain risks, and anticipate future trends.
This site uses cookies to provide you with a great user experience. By continuing to use our website, you consent to the use of cookies. To find out more about the cookies we use, please see our Privacy Policy.
