Blog

Blog
5 Ways to Make Attack Path Management More Manageable

5 Ways to Make Attack Path Management More Manageable
Effective cybersecurity can be distilled to a single idea: Protect your most business critical assets. Protecting your most critical assets,…
Blog

XM Cyber Advisory – Spring4Shell, Zero Day
Overview On March 30, A new zero day critical vulnerability was leaked in another open source software library. The vulnerability…
Blog

New Privilege Escalation Techniques are Compromising your Google Cloud Platform
In this research you’ll discover some of the common attack techniques used in Google Cloud Platform (GCP) to better understand…
Blog
See All Ways3 (1)

See All Ways: How to Overcome the Big Disconnect in Cybersecurity
Today’s reality in cybersecurity is that, with the right combination of tools, you may be able to see all kinds…
Blog

10 ways to gain control over Azure function app sites
  Pen-testers! Red-teamers! We’ve prepared a bucket of new Azure techniques, specifically about Azure function app sites. In this blog,…
Blog

Choosing Attack Path Management Over Security Control Validation When Shopping for Breach & Attack Simulation
Breach and Attack Simulation is gaining lots of hype today. Yet simulating attacks can mean many different things and serve…
Blog

Go Beyond Log4Shell and See the Entire Attack Path
We understand the facts: The most common open-source library (Java) has already been identified with 3 CVEs and counting, with…
Blog

Attack Path vs Attack Vector: Important Differences You Need To Know
If you want to solve a problem, defining your terms is essential — and there are few more pressing problems…
Blog
Top 3 Benefits of Ransomware Readiness Assessment

Top 3 Benefits of Ransomware Readiness Assessment
After so many recent high-profile ransomware attacks, CISOs, SOC Managers and other cybersecurity leaders are certainly aware of the risks…
Blog

Time to go beyond Log4Shell and see the entire attack path
Today’s organizations are overwhelmed since the world first learned about the Log4Shell vulnerability (aka Log4J CVE-2021-44228, CVE-2021-45046). If prioritizing your…
Blog
XMGoat

XMGoat – An Open Source Pentesting Tool for Azure
  Overview We created XMGoat as an open source tool with the purpose of teaching penetration testers, red teamers, security…
Blog

Reinforce AWS Security with Continuous and Automated Mitigation of Hybrid Cyber Risk
It’s No Secret Migrating to and maintaining a hybrid cloud environment continues to be challenging from a cybersecurity point of…
Blog
1 11 12 13 14 15 30

Request a demo

See what attackers see, so you can stop them from doing what attackers do.