Attack surface management

Organizations must contend with a rapidly expanding, increasingly complex attack surface. Here's why attack surface management is critical for securing today's digital environments.

Today's cybersecurity needs may be too demanding for a single team to handle. Here's why even the largest enterprises can benefit from external managed detection and response (MDR) services.

More than 35,000 DDoS attacks have been deployed by Anonymous Sudan during the past year, counting the U.S. Justice, Defense, and State Departments, as well as Riot Games and the Cedars-Sinai Medical Center as some of its victims.

Our latest in a series of interviews discussing cybersecurity career paths, today we talk to Jayson Grace his path into cybersecurity and his experience building red teams at national labs and purple teams at Meta. We also talk about his community impact, giving talks and building open source tools. Jayson just left Meta for an AI safety startup na...

Aside from performing Windows command execution and remote process injection-based module implementation, Splinter — which has "exceptionally large" artifact sizes due to extensive Rust crate presence — also features file uploading and downloading, cloud service account data collection, and self-deletion capabilities.

Information leaked by grep on BreachForums included Dell employees' full names, IDs, active status, department numbers, and internal identifiers, as well as two email addresses with the "dell.com" domain but no plain text credentials or personally identifiable information.

A month ago, my friend Wolfgang Goerlich posted a hot take on LinkedIn that is less and less of a hot take these days. He posted, "our industry needs to kill the phish test",and I knew we needed to have a chat, ideally captured here on the podcast. I've been on the fence when it comes to phishing simulation, partly because I used to phish people ...

This week, Jeff Pollard and Allie Mellen join us to discuss the fallout and lessons learned from the CrowdStrike fiasco. They explore the reasons behind running in the kernel, the challenges of software quality, and the distinction between a security incident and an IT incident. They also touch on the need to reduce the attack surface and the impor...