Resource Center

Join us Friday, August 11, 2023 for a livestream from DEF CON 31 to hear seasoned hackers and cybersecurity experts uncover the intricacies of ethical hacking and how the hacker spirit can be harnessed to push the boundaries of technology.

Download our guide to discover the current challenges in securing the cloud, the approach offensive security takes through cloud penetration testing, and the differences and advantages of investing in CPTs as part of a cloud security program.

In a new study conducted with Bishop Fox, the Ponemon Institute surveyed nearly 700 security and IT practitioners who actively employ offensive security practices. The analysis explores where enterprises are focusing offensive security efforts and the drivers behind them.

Watch the third episode of our What the Vuln technical series as we share the most intriguing vulnerabilities that we encountered in Q2 2023 and how we hacked them.

Hear from experts Larry Ponemon & Tom Eston, as they reveal our findings from a joint report with the Ponemon Institute on the 'State of Offensive Security' in 2023.

Read our eBook to learn how Red Teaming can provide the ultimate training ground for your defenses, assessing how well (or not) intrusions are detected and how an attacker can move throughout your network to achieve exfiltration.

Join Bishop Fox for a fireside chat with renowned cybersecurity experts – Evan Wolff & Justin Greis. We’ll discuss how new proposed regulations will impact offensive security initiatives, both short- and long-term.

In this technical guide, offensive security expert Shanni Prutchi provides analysis of the entire 278 verification requirements listed in OWASP's ASVS standard to assist in the generation of test cases and provide context to companies looking to test their applications against the standard.

Get new analyst insights on the benefits of continuous testing.

Join our offensive security experts as they share insights gleaned from analyzing twelve months of findings captured in Cosmos, our award-winning attack surface management platform.

Learn how to power up web application security testing with tips on creating customized extensions featuring BurpCage, an extension that replaces any image proxied through Burp Suite leveraging the Montoya API.

Download Bishop Fox's IR tabletop exercise methodology to understand how we develop realistic attack scenarios, facilitate collaborative exercises, and assess your organization's incident response readiness.

Get Bishop Fox's social engineering testing methodology. See how we simulate phishing, vishing, and physical attacks to strengthen your security awareness.

Designed for security researchers, this guide is an invaluable resource for advice on which cybersecurity terms to use in reports and how to use them correctly.