We share our expertise to make the world a safer place.
InfoSec moves at a rapid pace and sometimes it’s hard to keep up—that’s where we enter the chat.
Discover current cybersecurity insights
Get vital information straight from the experts, without all the noise.
Black Hat USA Training - Supply-Chain to Runtime: Attacking & Defending the Modern DevOps Stack
During our Black Hat training, go beyond network pentesting fundamentals and gain the attacker and defender perspective needed to conduct modern,…
JS-Tap v3: Endpoint Post-Exploitation With JavaScript Implants
When I first wrote JS-Tap, the goal was to provide red teamers with a generic JavaScript payload that works without prior knowledge of a web application and…
Hardening Intune: The Implementation Guide
Part 2: Step-by-Step Configuration for Every ControlThis is Part 2 of a two-part series on Intune security hardening. Part 1 covers the attacks we have seen…
How to Train Your (Dragons) Analysts - A TrustedSec Guide to Picking the Perfect Purple Team
Whether it be the advent of AI technologies, new Red-Team techniques and exploits, or new patches and emergent defensive technologies, it’s pretty clear to all…
The Privileged Roles Nobody Talks About
Part 1: Why Your MDM Platform is a Tier 0 AssetThis is Part 1 of a two-part series on Intune security hardening. This post covers what we have seen in real…
Attack at Machine Speed: Building an Incident Response Program That Can Keep Up
AI is changing how attackers operate. In this webinar, we cover how to build an Incident Response program that meets modern attacks head-on so your…
CMMC Conditional Status - Contracting Without Compliance
The CMMC rollout is progressing. Contracts that require a CMMC Level 2 (Self) self-assessment have been circulating since the start of Phase 1 in November…
Security Noise - The Soap Opera That AI Created
On this episode of Security Noise, we are talking about the metaphorical soap opera that AI created, entertaining the implications of the recent OpenAI trial…
PCI DSS, Telephone Payments, and the Problems With VoIP
Turns out your VoIP system has some opinions about your PCI DSS compliance. Director of Advisory Services Chris Camejo breaks down who's affected and how to…
Shai-Hulud Is Back, and This Time It Ate the Whole Ecosystem
Same worm, different wave. In our new blog, Director of Security Intelligence Carlos Perez covers Shai-Hulud, how this supply-chain malware can eat your whole…
Coverage-Driven Sustained Testing (CDST): A Graph-Oriented Model for Open-Ended Agentic Workflows
1.1 IntroductionRalph is a solid tool that makes agents do…more. It's defined as: an autonomous AI agent loop that runs repeatedly until all PRD items are…
Security Noise - Canvas On Fire: Inside the Largest Education-Sector Breach in History
Let's dive into the attack details of the Canvas ransomware incident, response strategies, and overall outlook for cybersecurity in education and beyond.…
Loading...
Get our best blogs, latest webinars, and podcasts sent to your inbox.
Our monthly newsletter makes it easy to stay up-to-date on the latest in security.
