Resources

Blog

Three Tools for Maturing Your Vulnerability Management Program

Cybersecurity has become an increasingly popular topic in day-to-day conversation, and the conclusion is always the same: organizations need to make cybersecurity a priority and work to create the best security strategy possible. However, there’s a big difference between understanding what you need versus knowing how to get it. Many organizations are still in the early stages of developing and...
Blog

What is Intelligent Identity and Access Management?

What is Intelligent IAM?Intelligent IAM (IIAM) encompasses all the administrative processes used in Identity and Access Management (IAM), but the processes are influenced by real‐time data. IAM solutions that use intelligence continuously collect, monitor, and analyze large volumes of identity and access‐related information, combining data not only from provisioning and governance solutions but...
Datasheet

Infrastructure Protection for Proactive Security

To counter the ongoing persistence of cyber threats, organizations must adopt proactive security strategies that anticipate potential attacks rather than solely relying on reactive defenses. Our Infrastructure Protection suite provides security teams with the data needed to identify weaknesses and then verify them through practical exploitation. This dual approach maps potential attack paths...
Blog

What Does Least Privilege Access Actually Mean?

If you’re like most IT or security professionals, it seems harder than ever to manage the complexity of user access. Keeping track of access rights, roles, accounts, permissions, entitlements, credentials, and privileges is a never ending—and sometimes thankless—proposition. And it’s riskier than ever before. In fact, according to the 2021 Cost of a Data Breach Report, compromised credentials are...
Article

Reversing and Exploiting with Free Tools: Part 10

In the previous parts of this series, we went through some basic examples of exploitation and reversing. Now we’ll take a step forward, gradually adding different protections and mitigations that we will find. What are mitigations? Over the years, new generic defense methods have been added to new systems. While they don’t prevent exploitation, these mitigation techniques aim to make exploitation...
Blog

Core Impact Adds Integrations for Fortra VM and beSECURE

Core Security’s comprehensive penetration testing tool, Core Impact, can now import data from two additional vulnerability scanners: Fortra VM (formerly Frontline VM) and beSECURE. Both vulnerability assessment and management solutions were recently acquired by Fortra to establish a comprehensive security assessment toolkit. By adding integration with these solutions, Core Impact can further...
Blog

Getting Inside the Mind of an Attacker: After the Breach – Miscellaneous Techniques for Achieving Persistence

In the first two parts of this series, we covered how attackers may attempt to gain persistence in Active Directory by forging Kerberos tickets or through domain replication abuse, and also discussed strategies to detect these methods. In this part, we’ll touch on a few more techniques: AdminSDHolder and SDProp abuse, SID History attacks, and skeleton key attacks. AdminSDHolder Container and...
Video

Core Impact Overview

Core Impact is an automated penetration testing tool that enables organizations to conduct comprehensive security assessments across multiple vectors, including network, client side, and web applications. Take three minutes to watch this video to see how Core Impact empowers you to safely test your environment using the same techniques as today's adversaries. ...
Video

Three Ways to Extend your Vulnerability Management Program

With the threat of cyber-attacks perpetually looming over organizations, security can’t be guaranteed with a single solution or a “set it and forget it” mentality. Security strategies have to continuously evolve and assess risk in order to keep up with today’s threats. This webinar, ideal for security professionals of all levels, will explore the elements of a successful vulnerability management...
Datasheet

Cobalt Strike

Cobalt Strike is a standard-setting adversary simulation tool, recognized globally for facilitating red team operations with its signature payload and extensible C2 framework to accurately replicate the tactics of today’s advanced threat actors Beacon: The Customizable Post-Exploitation Payload Beacon, Cobalt Strike’s signature payload, models the behavior of advanced adversaries to perform post...
Blog

Getting Inside the Mind of an Attacker: After the Breach - Achieving Persistence with Domain Replication Abuse

In part one of this series, we discussed how attackers may attempt to gain persistence in Active Directory by forging Kerberos tickets, as well as ways to detect these efforts. In this part, we’ll discuss another method attackers may use: domain replication abuse. The DCSync Attack Domain replication, or DCSync, is a feature that was first intended to be used by Domain Controllers. Requesting a...
Blog

What Types of Attacks Does SIEM Detect?

Security Information and Event Management (SIEM) solutions are known for their ability to provide visibility into IT environments by monitoring data sources for unusual activity and contextualizing them for security insights. According to the 2021 SIEM Report by Cybersecurity Insiders, 76% of cybersecurity professionals surveyed reported that SIEM improved their ability to detect threats. But what...
Blog

Protecting Your Organization from Identity Theft

Did you know that, on average, 15 million residents in the U.S. are affected by identity theft and upwards of $50 billion are stolen each year? During the holiday season we hear a lot about keeping your identity safe when shopping online or in retail stores across the country, or even across the world. Why? The most obvious reasons are that your money can be stolen and in turn, your credit ruined...
Blog

How to Strengthen Identity and Access Management with the Rise of a Hybrid Workforce

As organizations have made the transformational shift to a remote and hybrid workforce, IT and security teams are feeling increased pressure to better manage access to sensitive data and systems. The rise of a remote and expanded workforce has put additional strain on organizations and increased the potential for identity-related access risks. To combat these access risks, identity and access...
Blog

Why Do Ransomware Attacks Keep Happening?

Did you know the first instance of ransomware was in 1989? Though we’ve moved on from floppy disks containing malware and cashier’s checks used to pay attackers, we are far from moving past ransomware. Instead, ransomware has become more streamlined, and is one of the most popular tools of both amateur and expert threat actors. Just about anyone can purchase a ransomware strain off the dark web or...
Blog

14 Exploits Cybersecurity Professionals Are Concerned About

Vulnerabilities can be found in just about any type of software—and even some pieces of hardware. Threat actors are all too eager to take advantage of these vulnerabilities, leveraging them to gain access to or escalate privileges in an organization’s IT infrastructure. When these vulnerabilities are discovered before the vendor is aware, these are known as zero-day threats. Since these are...
Guide

2021 Identity and Access Management Report

Identity-related access risks continue to present an ongoing threat to organizations today. In response, many companies have prioritized managing user access as an essential part of their cybersecurity strategy to strengthen their overall security posture. Yet despite their focus, a large majority of organizations still lack confidence in the effectiveness of their identity and access management ...