Resource Center

Overview of Bishop Fox’s methodology for Secure Code Review.

Explore the benefits of continually hacking yourself to discover new assets (including many you don’t even know you have) and their associated vulnerabilities.

To ensure your security investments offer complete visibility into your attack surface and uncover critical risks at scale, we've compiled questions to help you evaluate solutions. We focus on six key areas: attack surface discovery, exposure identification, triage, validation, remediation, and outputs.

Comprehensive overview of the fast-growing Attack Surface Management category from the cybersecurity experts at Security Weekly Labs.

SW Labs assessed Bishop Fox’s Cosmos (formerly CAST) the “Best Emerging Technology" Attack Surface Management Platform of 2021.

See how low-risk exposures can become catalysts for destructive attacks. We include examples of exposures found in real-world environments, including a step-by-step view into how ethical hackers exploited them to reach high-value targets.

On-demand webcast offers an in-depth look at how DevOps can integrate both automated and manual code review into the software development lifecycle.

In the hands of skilled attackers, many "low risk" exposures serve as launching pads or steppingstones to more complex and destructive attacks. Join our webcast as we dive into real-world examples.

What if security could become an integral framework within the software development process? Join Tom Eston and Chris Bush to learn how Threat Modeling is changing the way organizations manage application security risks.

Get the buzz on fuzz testing in software development.

On-demand webcast provides an in-depth look at using Continuous Attack Surface Testing (CAST) to identify and close attack windows before it’s too late.

This handy guide provides a list of great resources for learning to be a pen tester.

On-demand webcast explores how the right DevSecOps strategy empowers both your security and development teams.

On-demand webcast dives into the role of application penetration testing in today’s software development lifecycle (SDLC).

Apollo selected Bishop Fox to perform a Google Security Assessment to evaluate the security of its application, external perimeter, and Google Cloud Platform (GCP) environment, as well as conduct a review of its responses to Google’s required self-assessment questionnaire (SAQ).

In Episode 1 of our Tool Talk series we explore Eyeballer, an AI-powered, open-source tool designed to help penetration testers assess large-scale external perimeters.

This slide deck includes:

• Fuzzing Basics
• How Fuzzing Works
• Popular Fuzzing Tools

Join our panelists as they dive into the attacker’s perspective and how you can identify unusual activity and harden systems against further compromise.

Listen to Jayson E. Street, Hacker & Author of "Dissecting the Hack: The F0rb1dd3n Network," discuss his hacking adventures with Bishop Fox hosts Tom Eston and Joe Sechman during our inaugural 2022 DEF CON livestream!

Tune in as Ray Espinoza, CISO at Inspectiv, discusses coaching in security, making infosec more diverse, doing vulnerability management, and more!

Hear Raghu Nandakumara, Senior Director and Head of Solutions at Illumio, discuss ransomware and zero-trust segmentation.

Check out Kevin Johnson, co-host of The Shared Security Show Podcast, discuss topics like open-source, the OWASP SamuraiWTF, and application security!

Listen to this exclusive interview with Bishop Fox CEO Vinnie Liu where he shares his opinion on various cybersecurity trends and hot topics.

Listen to social engineering expert Alethe Denis share her stories and insight with our DEF CON livestream hosts Tom Eston and Joe Sechman.