Blog

Debuting at RSA 2022 we will show the industry how we can link the use of Active Directory (AD) into the entire attack path,…

Overview At XM Cyber, we have been hard at work on the techniques that attackers use against your VMware environments. What you’re about to…

Now it’s no secret businesses have ramped up and driven the adoption of the cloud faster than any period previously. One of the key…

The industry’s first annual attack path management research report is here! The XM Cyber research team analyzed nearly 2 million entities to bring insights…

Effective cybersecurity can be distilled to a single idea: Protect your most business critical assets. Protecting your most critical assets, in turn, can be…

Overview On March 30, A new zero day critical vulnerability was leaked in another open source software library. The vulnerability affects Spring Framework which…

In this research you’ll discover some of the common attack techniques used in Google Cloud Platform (GCP) to better understand how an attacker exploits…

Today’s reality in cybersecurity is that, with the right combination of tools, you may be able to see all kinds of misconfigurations … and…

  Pen-testers! Red-teamers! We’ve prepared a bucket of new Azure techniques, specifically about Azure function app sites. In this blog, we’ll show you new…

Breach and Attack Simulation is gaining lots of hype today. Yet simulating attacks can mean many different things and serve many different use cases….

We understand the facts: The most common open-source library (Java) has already been identified with 3 CVEs and counting, with over 3 million attacks…

If you want to solve a problem, defining your terms is essential — and there are few more pressing problems than safeguarding critical assets…