Blog

In this research you’ll discover some of the common attack techniques used in Google Cloud Platform (GCP) to better understand how an attacker exploits…

Today’s reality in cybersecurity is that, with the right combination of tools, you may be able to see all kinds of misconfigurations … and…

  Pen-testers! Red-teamers! We’ve prepared a bucket of new Azure techniques, specifically about Azure function app sites. In this blog, we’ll show you new…

Breach and Attack Simulation is gaining lots of hype today. Yet simulating attacks can mean many different things and serve many different use cases….

We understand the facts: The most common open-source library (Java) has already been identified with 3 CVEs and counting, with over 3 million attacks…

If you want to solve a problem, defining your terms is essential — and there are few more pressing problems than safeguarding critical assets…

After so many recent high-profile ransomware attacks, CISOs, SOC Managers and other cybersecurity leaders are certainly aware of the risks involved. Global costs from…

Today’s organizations are overwhelmed since the world first learned about the Log4Shell vulnerability (aka Log4J CVE-2021-44228, CVE-2021-45046). If prioritizing your vulnerabilities was a daunting…

  Overview We created XMGoat as an open source tool with the purpose of teaching penetration testers, red teamers, security consultants, and cloud experts…

It’s No Secret Migrating to and maintaining a hybrid cloud environment continues to be challenging from a cybersecurity point of view. New security gaps…

In recent years, the concept of attack surface management has begun to gain traction. When executed correctly, it can dramatically strengthen your security posture and…

Managing cybersecurity vulnerabilities is enough to make anyone feel under siege. In recent years there have been anywhere from 30-40 new vulnerabilities released daily,…