New from Ponemon Institute: The State of Offensive Security in 2023. Read the Report ›
The Wolf in Sheep’s Clothing
See how low-risk exposures can become catalysts for destructive attacks. We include examples of exposures found in real-world environments, including a step-by-step view into how ethical hackers exploited them to reach high-value targets.
Cracking the Code: Secure Code Review in DevSecOps
On-demand webcast offers an in-depth look at how DevOps can integrate both automated and manual code review into the software development lifecycle.
The Wolf in Sheep's Clothing: How Innocuous Exposures Become Infamous
In the hands of skilled attackers, many "low risk" exposures serve as launching pads or steppingstones to more complex and destructive attacks. Join our webcast as we dive into real-world examples.
What Bad Could Happen? Managing Application Risk with Threat Modeling
What if security could become an integral framework within the software development process? Join Tom Eston and Chris Bush to learn how Threat Modeling is changing the way organizations manage application security risks.
Tool Talk: Fuzzing
Get the buzz on fuzz testing in software development.
Outpacing the Speed and Precision of Modern Attackers with Continuous Attack Surface Testing
On-demand webcast provides an in-depth look at using Continuous Attack Surface Testing (CAST) to identify and close attack windows before it’s too late.
Penetration Testing Resource Guide
This handy guide provides a list of great resources for learning to be a pen tester.
How to Build a DevSecOps Program that Works for Developers AND Security
On-demand webcast explores how the right DevSecOps strategy empowers both your security and development teams.
DevSecOps and Application Penetration Testing: Defying the Myth
On-demand webcast dives into the role of application penetration testing in today’s software development lifecycle (SDLC).
Gravity-Defying Security: An Apollo.io Story
Apollo selected Bishop Fox to perform a Google Security Assessment to evaluate the security of its application, external perimeter, and Google Cloud Platform (GCP) environment, as well as conduct a review of its responses to Google’s required self-assessment questionnaire (SAQ).
Tool Talk: Eyeballer
In Episode 1 of our Tool Talk series we explore Eyeballer, an AI-powered, open-source tool designed to help penetration testers assess large-scale external perimeters.
Fuzzing: Get the buzz on fuzz testing in software development
This slide deck includes: