Common Endpoint (NGAV/EDR) Mistakes and How to Avoid Them

Posted by Gene Abramov on June 15, 2020

Endpoint Mistakes June2020

We perform hundreds of offensive security engagements such as penetration testing and red teaming every year.  During these engagements, we commonly exploit vulnerabilities to obtain some initial level of access and perform post-exploitation to demonstrate what an attacker could do and how far they could go.  Along the way, we have encountered just about every security control imaginable;...Continue reading 

Medical Exploitation: You Are Now Diabetic

Posted by Faisal Tameesh on February 14, 2019

Glucometer 2

A few months ago, our CTO and hacker-in-chief, Jake Reynolds, bought a glucometer online along with all the necessary stuff to make it work. He thought it would make for an interesting project, as researching this device and its related infrastructure could help improve security in a worthwhile field: health / medical devices. During a slower week at the office, I...Continue reading 

Introducing Armory: External Pentesting Like a Boss

Posted by Dan Lawson on February 04, 2019

TLDR; We are introducing Armory, a tool that adds a database backend to dozens of popular external and discovery tools. This allows you to run the tools directly from Armory, automatically ingest the results back into the database and use the new data to supply targets for other tools.   Why?   Over the past few years I’ve spent...Continue reading 

Have Questions?
Get Answers