Data has become the basis of all decision-making processes, whether it be a business or a security decision. When building an attack-focused scraper, one must be prepared for dealing with extra levels of complexity in remaining invisible to defender’s eyes.

I am pleased to announce the release of a new Solutions Showcase from Enterprise Strategy Group (ESG) on the Randori Attack Platform.

There is nothing trendier in infosec today then to describe anyone under the sun showing any degree of competence as “advanced” or “sophisticated.” It’s an epidemic.

In cybersecurity, there is no such thing as perfection. If perfection is your goal, you are doing it wrong.

Hackers gonna hack. That’s what they do. But that does not mean they run in heedless of the defenses arrayed against them. Sometimes attackers will see something in a target that forces them to stop and think before proceeding.

When the Shadow Brokers leaked nation-state level hacking tools in April of 2017,  I immediately began digging into the post-exploitation capabilities and tradecraft of the supposed “APT” group.

Security cannot exist in a vacuum. If an organization’s security is dictated from one room, one group of people, the value of shared responsibility is lost.

I love to ask tech start-up founders what it was that prompted formation of their business. I’m usually listening to see if they are driven by some deeply-held personal belief (good answer) or by some greedy, near-term revenue growth objective (bad answer).