Blog

Trying to wrap your head around what separates Continuous Penetration Testing from other forms of network security testing? Well, we get it. That’s why we’ve put together this handy little video. Sit back, have a snack and learn how CPT works, why it’s advantageous and how it can help you keep your organization’s network safe.

Automated Vulnerability Scanners, on the surface, have a lot of appeal to IT directors. They run in the background and are “always on”. They alert you when you have an issue. But the harsh reality is they provide a false sense of security and leave your network exposed.

Collecting and validating an organization’s employee base is critical for any successful offensive information security operation.

In-depth info. to consider before choosing how you’ll test network security. If you’ve thought about using a bug-bounty program to test your organization’s network, hit pause and read this first.

When starting a penetration test, we first try to discover domains associated with our target apex domain. To help you navigate this part of the process, we’re going to detail it, highlighting tips and tricks for working around registrant privacy services and other roadblocks you may face.

We are going to dig into Slack workspace compromise to provide additional information and tooling you can use to leverage access. This guidance will build off of “Abusing Slack for Offensive Operations”, a great article Cody Thomas wrote for the SpectrOps blog.