What are Breach and Attack Simulations?
These exercises are led by seasoned security professionals and staged under controlled environments. Ultimately, both sides work together to provide…
Glossary
What is a Red Team?
Red teams are “ethical hackers” who help test an organization’s defenses by identifying vulnerabilities and launching attacks in a controlled…
Glossary
What is a Blue Team?
During cyber security testing engagements, blue teams evaluate organizational security environments and defend these environments from red teams. These red…
Glossary
What is a Purple Team?
In the context of cybersecurity testing, red teams play the role of attackers, and blue teams act as defenders.…
Glossary
Hybrid Cloud Security
Reduce risk with continuous assessment Migrating to and maintaining a hybrid cloud environment continues to be challenging from a cybersecurity…
Solution Briefs
Ask me Anything about Ransomware
We gathered a forum of experts to answer your burning questions on the topic of ransomware
Webinars
Attack Path vs Attack Vector: Important Differences You Need To Know
If you want to solve a problem, defining your terms is essential — and there are few more pressing problems…
Blog
Top 3 Benefits of Ransomware Readiness Assessment
After so many recent high-profile ransomware attacks, CISOs, SOC Managers and other cybersecurity leaders are certainly aware of the risks…
Blog
Time to go beyond Log4Shell and see the entire attack path
Today’s organizations are overwhelmed since the world first learned about the Log4Shell vulnerability (aka Log4J CVE-2021-44228, CVE-2021-45046). If prioritizing your…
Blog
XM Cyber Advisory – Log4Shell, CVE-2021-44228
Overview Last Thursday, December 9, the Log4Shell vulnerability, CVE-2021-44228 (CVSS score 10), was discovered. This remote code execution (RCE) vulnerability…
CVE Advisory
XMGoat – An Open Source Pentesting Tool for Azure
Overview We created XMGoat as an open source tool with the purpose of teaching penetration testers, red teamers, security…
Blog
Reinforce AWS Security with Continuous and Automated Mitigation of Hybrid Cyber Risk
It’s No Secret Migrating to and maintaining a hybrid cloud environment continues to be challenging from a cybersecurity point of…
Blog
Request a demo
