We share our expertise to make the world a safer place.
InfoSec moves at a rapid pace and sometimes it’s hard to keep up—that’s where we enter the chat.
Discover current cybersecurity insights
Get vital information straight from the experts, without all the noise.
Guarding Your Inbox: Navigating Business Email Compromises
Join our experts as they dive into the world of Business Email Compromises (BECs) to equip you with the knowledge to fortify your organization's inboxes.
Transformative Detection Engineering with Impede
Join the excitement as Ben Mauch, Managing Director of Tactical Awareness and Countermeasures (TAC), leads the way in celebrating launch of Impede with a live…
What is Hackvertor (and why should I care)?
1.1 What’s Hackvertor and why should I care?Years ago, Gareth Heyes created a Burp Suite (Burp) extension called Hackvertor. It’s an extension with a lot…
Clickjacking: Not Just for the Clicks
tl;dr versionYou can trick users into "typing" inputs in a clickjacking attack.YouTube demo: https://www.youtube.com/watch?v=VIEZ1aByFvUPoC GitHub Repo:…
Book Review - The Definitive Guide to PCI DSS Version 4
As a PCI QSA, I have answered numerous questions about the new PC DSS Version 4. With over 500 total controls, and at least 100 of them unique to this version,…
Security Noise - Episode 6.11
The Road Ahead: Red Teaming and Targeted Ops
The Triforce of Initial Access
LootWhile Red Teamers love to discuss and almost poetically describe their C2 feature sets, EDR evasion capabilities, and fast weaponizing of N-day exploits,…
JS-Tap: Weaponizing JavaScript for Red Teams
How do you use malicious JavaScript to attack an application you know nothing about?Application penetration testers often create custom weaponized JavaScript…
JS-Tap: Weaponizing JavaScript for Red Teamers
During this webinar, Senior Security Consultant, Drew Kirkpatrick will introduce a new open source tool, JS-Tap, that is designed to allow Red Teamers to…
Security Noise - Episode 6.10
The Road Ahead: Network Penetration Testing
Virtual Q&A With The PCI Dream Team: What to Expect in 2024
Get the inside track on PCI DSS Version 4 as the PCI Dream Team takes the virtual stage. They will cover a variety of topics centered around v4 from both…
A Hitch-hacker's Guide to DACL-Based Detections (Part 3)
This blog series was co-authored by Security Consultant Megan Nilsen and TAC Practice Lead Andrew Schwartz.1 IntroductionIn this third and final…
Loading...
Get our best blogs, latest webinars, and podcasts sent to your inbox.
Our monthly newsletter makes it easy to stay up-to-date on the latest in security.
