Recent
Zero footprint attacks: 3 steps to bypass EDR with reflective loading
EDR (Endpoint Detection and Response) evasion techniques are becoming increasingly common amongst attackers as they evolve their strategies to bypass ...

The fundamentals of cloud security stress testing

“Defenders think in lists, attackers think in graphs” said John Lambert from Microsoft, distilling the fundamental difference in mindset between those...

Pentera’s 2024 report reveals hundreds of security events per week, highlighting the criticality of continuous validation

Over the past two years, a shocking 51% of organizations surveyed in a leading industry report have been compromised by a cyberattack. Yes, over half....

Four steps the financial industry can take to cope with their growing attack surface

The financial services industry has always been at the forefront of technology adoption, but the 2020 pandemic accelerated the widespread use of mobil...

The elephant 🐘 in the cloud

As much as we love the cloud, we fear it as well. We love it because cloud computing services of Amazon, Azure, and Google have transformed operati...

A new era of tested cloud security is here

Cloud computing has fundamentally changed how we operate. It's efficient and scalable, but it's not without some problems. Security is the biggest. As...
2024 State of Pentesting Survey
Download

Ivanti zero-day vulnerabilities: Understand your impact

Ivanti Ground Zero On January 10, 2024, Ivanti disclosed two vulnerabilities, CVE-2023-46805 and CVE-2024-21887, impacting its Ivanti Connect Secur...

How to attack and protect WebLogic server

WebLogic is a popular enterprise middleware tool that orchestrates the interaction between backend systems and frontend clients. This makes it a val...

Why cyber defenders should embrace a hacker mindset

Today's security leaders must manage a constantly evolving attack surface and a dynamic threat environment due to interconnected devices, cloud serv...
Begin your security validation journey
Request a demo
Book your demo now >
Explore
Why business risk should be your guiding north star for remediation
We all know the culprits. Cloud adoption, remote and hybrid work arrangements and a long list of must-have technologies have led to an ever-expandin...

Navigating legacy infrastructure: A CISO’s strategy for success

Every company has some level of tech debt. Unless you’re a brand new start-up, you most likely  have a patchwork of solutions that have been impleme...

The LOLBAS isn’t so funny when it bites you in the BAS

LOLBAS (Living Off the Land Binaries And Scripts) is an attack method that uses binaries and scripts that are already part of the system for malicio...

Death by default: Neglected network protocols you should know

The rapid pace of technological advancements constantly create new attack vectors and attack surfaces. Consequently, it is critical to constantly st...
The State of Pentesting 2023: Global trends in cybersecurity
In the past 24 months, more than 88% of organizations have been breached.  That's right: almost nine out of ten companies were hacked. Consid...

The first step to hacking MSSQL databases

The version of an MSSQL database is a valuable piece of information for cyber attackers. With the version details in hand, they can attempt to find ...

How to reduce exposure on the manufacturing attack surface

Digitalization initiatives are connecting once-isolated Operational Technology (OT) environments with their Information Technology (IT) counterparts...

Ensuring that security is proactive and preventative

Despite major investments in their security suites, organizations continue to be breached. Our Co-founder and CTO, Arik Liberzon, recently sat down ...
The Buyer's Guide to Security Validation
Download

How to achieve data-at-rest encryption for MongoDB (Community Edition) container using eCryptfs

In this post, we will examine one method of encrypting data-at-rest, specifically how to achieve Data-at-Rest Encryption for MongoDB Community Editi...