Topics
Return of the RCE: Addressing the regreSSHion Vulnerability – CVE-2024-6387
A Regrettable Resurgence
On July 1, 2024, the Qualys Threat Research Unit (TRU) published their discovery of an unauthenticated remote code executio...
Zero footprint attacks: 3 steps to bypass EDR with reflective loading
EDR (Endpoint Detection and Response) evasion techniques are becoming increasingly common amongst attackers as they evolve their strategies to bypass ...
Fundamentals of Cloud Security Stress Testing
“Defenders think in lists, attackers think in graphs” said John Lambert from Microsoft, distilling the fundamental difference in mindset between those...
Verizon’s 2024 Data Breach Investigations Report: Key insights
The 2024 Data Breach Investigations Report (DBIR) is out, providing an in-depth look at the latest trends in cybersecurity. This year's findings revea...
Pentera’s 2024 Report Highlights the Criticality of Continuous Validation
Over the past two years, a shocking 51% of organizations surveyed in a leading industry report have been compromised by a cyberattack. Yes, over half....
Managing the Financial Industry’s Attack Surface
The financial services industry has always been at the forefront of technology adoption, but the 2020 pandemic accelerated the widespread use of mobil...
Tackling Cloud Security Challenges
As much as we love the cloud, we fear it as well.
We love it because cloud computing services of Amazon, Azure, and Google have transformed operati...
Next-Gen Cloud Security Solutions
Cloud computing has fundamentally changed how we operate. It's efficient and scalable, but it's not without some problems. Security is the biggest. As...
Protecting Against Ivanti Zero-Day Vulnerabilities
Ivanti Ground Zero
On January 10, 2024, Ivanti disclosed two vulnerabilities, CVE-2023-46805 and CVE-2024-21887, impacting its Ivanti Connect Secur...
Begin your security validation journey
Request a demo
4 Steps to Knowing Your Exploitable Attack Surface
According to a Cisco CISO Benchmark survey, 17% of organizations had 100,000 or more daily security alerts in 2020, a number that has only increased...
Cyber Attack Lessons 2024: Key Takeaways for Security Teams
The State of Cyber Attacks in 2024
Cyber threats have escalated in 2024, forcing security teams to analyze cyber attack lessons from 2024 to improv...
How to attack and protect WebLogic server
WebLogic is a popular enterprise middleware tool that orchestrates the interaction between backend systems and frontend clients. This makes it a val...
Embracing a Hacker Mindset for Better Cyber Defense
Today's security leaders must manage a constantly evolving attack surface and a dynamic threat environment due to interconnected devices, cloud serv...
Business Risk as a Guide for Cybersecurity Remediation
We all know the culprits. Cloud adoption, remote and hybrid work arrangements and a long list of must-have technologies have led to an ever-expandin...
Managing Legacy Infrastructure for Security
Every company has some level of tech debt. Unless you’re a brand new start-up, you most likely have a patchwork of solutions that have been impleme...
Risks of LOLBAS in Security
Living Off the Land Binaries and Scripts (LOLBAS) represent a stealthy and growing threat in cybersecurity. By using trusted system utilities for ma...
Securing Neglected Network Protocols
The rapid pace of technological advancements constantly create new attack vectors and attack surfaces. Consequently, it is critical to constantly st...
Penetration Testing Trends: A 2023 Perspective
Penetration testing trends are more critical than ever. In the past 24 months, over 88% of organizations have been breached. Nearly nine out of ten ...