On December 17, 2019, Citrix disclosed an unauthenticated remote code execution (RCE) vulnerability in Citrix Application Delivery Controller (ADC) and Citrix Gateway, assigned CVE-2019-19781.
At Randori, we recommend assessing risk by evaluating your network the same way an attacker would. But, what does that actually mean, and how does an attacker lens differ from a traditional defenders’ approach?
Today we’re thrilled to officially announce general availability of Randori Recon, the first phase of our automated attack platform. With only an email, Randori Recon can stack rank your most tempting targets for an adversary.
Data has become the basis of all decision-making processes, whether it be a business or a security decision. When building an attack-focused scraper, one must be prepared for dealing with extra levels of complexity in remaining invisible to defender’s eyes.
I am pleased to announce the release of a new Solutions Showcase from Enterprise Strategy Group (ESG) on the Randori Attack Platform.
There is nothing trendier in infosec today then to describe anyone under the sun showing any degree of competence as “advanced” or “sophisticated.” It’s an epidemic.
In cybersecurity, there is no such thing as perfection. If perfection is your goal, you are doing it wrong.
Hackers gonna hack. That’s what they do. But that does not mean they run in heedless of the defenses arrayed against them. Sometimes attackers will see something in a target that forces them to stop and think before proceeding.
When the Shadow Brokers leaked nation-state level hacking tools in April of 2017, I immediately began digging into the post-exploitation capabilities and tradecraft of the supposed “APT” group.
Security cannot exist in a vacuum. If an organization’s security is dictated from one room, one group of people, the value of shared responsibility is lost.