Recent
Pentera API Security Automation: Advanced Cybersecurity Use Cases
If you’re looking for ways to automate and streamline your security validation operations, the Pentera API is a powerful tool to have in your arsenal....

Security Validation ROI: Justifying Cyber Investments

In a recent feature on The Hacker News, Shawn Baird, Associate Director of Offensive Security & Red Teaming at DTCC, shared how he successfully co...
CVE-2024-47176

CVE-2024-47176 – Linux Privilege Escalation via CUPS Vulnerability

What is CVE-2024-47176? A Linux Privilege Escalation Vulnerability CVE ID: CVE-2024-47176 Description: A privilege escalation vulnerability in the...
Blurring Boundaries: Risks of AWS SSM in Hybrid Landscapes

Deciphering the Risks of AWS SSM in Hybrid Environments

Introduction  Hybrid cloud environments are becoming the backbone of enterprise IT infrastructure, offering unparalleled scalability and flexibilit...

Ransomware Insider Threats: Understanding the Growing Danger

Understanding the Risks of Ransomware Insider Threats The trope of the burglar comparison in cybersecurity is more than overused. But when we talk ...

From Compliance to Confidence: Achieving CMMC 2.0 Certification

For many contractors, navigating the complexities of CMMC compliance presents significant challenges. The Cybersecurity Maturity Model Certification (...
2024 State of Pentesting Survey
Download

Continuous Ransomware Validation: Why Annual Testing Is No Longer Enough

Ransomware isn’t just a security issue; it’s a business problem that’s grown too big to ignore. What started as floppy-disk attacks back in the 1980s ...

What is BAS 2.0 and Why You Need It

In a fast-evolving threat landscape, traditional Breach and Attack Simulation (BAS) tools are limited. Built based on predefined scenarios, they’re gr...

How to Prioritize Vulnerabilities Effectively

There are patches or remediations for all the top vulnerabilities, but they’re still being exploited in the wild. How is that? Well, if you were the a...
Begin your security validation journey
Request a demo
Book your demo now >
Explore
How DTCC Upgraded their SOC into a Cyber Threat Fusion Center
By Shawn Baird, Associate Director, Offensive Security and Tactics, DTCC Based on a session given at PenteraCon 2024 When the speed and complexity...

Forti-fied? Logging blind spot revealed in FortiClient VPN

Virtual private networks (VPNs) have become widely used by enterprises for secure remote network access to protect sensitive data. This critical role ...

What’s Behind the Rising Costs of Data Breaches?

Data breaches are more costly than ever, averaging USD 4.88 million in 2024—a 10% rise. This spike is largely due to increased expenses related to los...

Two New Zero-Day Vulnerabilities Uncovered in FortiClient VPN

Introduction Our latest research from Pentera Labs uncovers high-severity Fortinet vulnerability CVE-2024-47574, exposing risks in FortiClient's use ...
APT Attacks: The Sith Lords of the Cyber World
Advanced Persistent Threats (APTs) are like the Sith Lords of the cyber world—stealthy, relentless, and always lurking in the shadows. Mentioning them...

How Attackers Can Achieve a DoS Attack in Microsoft Active Directory

In this blog, we explore how attackers can exploit a limitation in Active Directory (AD) Security Identifiers (SIDs) to lock users out of the domain w...
Cybersecurity team performing continuous security validation testing

Continuous Security Validation Against AI-Driven Threats – A Field CISO’s Insights

Despite substantial investments in cybersecurity, breaches keep happening—especially as AI changes the game for attackers and defenders alike. This sh...

Why Proactive Cybersecurity Starts with Attack Surface Management (ASM)

The last couple of years will be remembered for many things in cybersecurity, but the MOVEit breach stands out as a painful lesson in what happens whe...
The Buyer's Guide to Security Validation
Download

Prove Your Defenses Work with Continuous Security Validation

The European energy sector’s recent takedown showed just how fast even strong defenses can crumble in the face of the increasing sophistication of cyb...