Contattaci Accesso cliente Prenota una demo
Support
Supporto
English
Le principali tendenze tecnologiche strategiche di Gartner per il 2024
Leggi di più
Rapporto sullo stato dei Pentesting 2023
Leggi di più
Pentera Labs: come attaccare e proteggere WebLogic Server
Leggi di più
Topics
Blog
Topics
The field is empty
Managing the Financial Industry’s Attack Surface Read more>
Tackling Cloud Security Challenges Read more>
Next-Gen Cloud Security Solutions Read more>
Recent
Continuous Ransomware Validation: Why Annual Testing Is No Longer Enough
Ransomware isn’t just a security issue; it’s a business problem that’s grown too big to ignore. What started as floppy-disk attacks back in the 1980s ...
Jason Mar Tang

What is BAS 2.0 and Why You Need It

In a fast-evolving threat landscape, traditional Breach and Attack Simulation (BAS) tools are limited. Built based on predefined scenarios, they’re gr...
Michal Brenner

How to Prioritize Vulnerabilities Effectively

There are patches or remediations for all the top vulnerabilities, but they’re still being exploited in the wild. How is that? Well, if you were the a...
Assaf Regev

How DTCC Upgraded their SOC into a Cyber Threat Fusion Center

By Shawn Baird, Associate Director, Offensive Security and Tactics, DTCC Based on a session given at PenteraCon 2024 When the speed and complexity...

Forti-fied? Logging blind spot revealed in FortiClient VPN

Virtual private networks (VPNs) have become widely used by enterprises for secure remote network access to protect sensitive data. This critical role ...
Peter Viernik

What’s Behind the Rising Costs of Data Breaches?

Data breaches are more costly than ever, averaging USD 4.88 million in 2024—a 10% rise. This spike is largely due to increased expenses related to los...
Dana Meschiany
2024 State of Pentesting Survey
Download

Two New Zero-Day Vulnerabilities Uncovered in FortiClient VPN

Introduction Our latest research from Pentera Labs uncovers high-severity Fortinet vulnerability CVE-2024-47574, exposing risks in FortiClient's use ...
Nir Chako

APT Attacks: The Sith Lords of the Cyber World

Advanced Persistent Threats (APTs) are like the Sith Lords of the cyber world—stealthy, relentless, and always lurking in the shadows. Mentioning them...
Assaf Regev

How Attackers Can Achieve a DoS Attack in Microsoft Active Directory

In this blog, we explore how attackers can exploit a limitation in Active Directory (AD) Security Identifiers (SIDs) to lock users out of the domain w...
Amit German
Begin your security validation journey
Request a demo
Book your demo now >
Explore
Continuous Security Validation Against AI-Driven Threats – A Field CISO’s Insights
Despite substantial investments in cybersecurity, breaches keep happening—especially as AI changes the game for attackers and defenders alike. AI-driv...
Pentera Team

Why Proactive Cybersecurity Starts with Attack Surface Management (ASM)

The last couple of years will be remembered for many things in cybersecurity, but the MOVEit breach stands out as a painful lesson in what happens whe...
Assaf Regev

Prove Your Defenses Work with Continuous Security Validation

The European energy sector’s recent takedown showed just how fast even strong defenses can crumble in the face of the increasing sophistication of cyb...
Ahmed Shakel

What CISOs Need to Know About the New SEC Cybersecurity Guidelines

The new SEC guidelines released July 26 2023 and effective December 18 2023 mark a significant shift in how organizations must approach cybersecurity....
Jason Mar Tang
Why Pay a Pentester? The Shift to Automated Penetration Testing
The evolution of software always catches us by surprise. I remember betting against the IBM computer Deep Blue during its chess match against the gran...

Comparing On-premise vs. Cloud-Based Penetration Testing Strategies

As cloud infrastructure adoption grows, it's a mistake to assume that these environments are inherently secure. In fact, as reported by StrongDM, “pub...
Kyle Bobak
Linux ransomware readiness

How Susceptible are Your Linux Machines to a Ransomware Attack?

Ransomware targeting Linux machines is becoming increasingly common. While the vast majority of ransomware is still designed to target Windows systems...
Alon Segal

Emulating Cryptomining Attacks: A Deep Dive into Resource Draining with GPU Programming

Cryptomining has surged in popularity, driven by the growing value of cryptocurrencies like Bitcoin and Ethereum. With leaked credentials easier than ...
The Buyer's Guide to Security Validation
Download

Aligning Security Testing with IT Infrastructure Changes

With 73% of organizations tweaking their IT setups every quarter, it’s concerning that only 40% are aligning their security checks accordingly. This f...
Dana Meschiany