Resources
Insights from the Front Lines of Adversary Research
Blog posts, research, tools, and educational resources from our offensive security experts.
Featured Resources
The CISO's Guide to Continuous Threat Validation
Everything you need to know about moving from annual testing to continuous validation. Framework, metrics, and implementation guidance.
Detection Coverage Assessment Template
MITRE ATT&CK-aligned template for assessing your current detection coverage. Identify gaps before attackers find them.
Understanding Purple Rain
Our team explains the continuous validation approach, with real examples and client results.
Latest from the Blog
Hunting a PhaaS Operator: From Phishing Email to Lagos, Nigeria
A phishing email landed in an employee's inbox. SPF passed. DKIM passed. DMARC passed. Spam score: 0.085/1.0. What started as a routine triage turned into a multi-day offensive hunt.
Bybit Hack Considerations
Analysis of the cryptocurrency exchange breach, highlighting supply chain security and browser-based attack vulnerabilities.
APT38's New Game: Targeting Devs with Fake Coding Challenges
North Korean threat actors are leveraging GitHub to target software developers through fake job opportunities and technical interviews.
Open Source & Community Tools
Sigma-to-KQL Converter
Our tool for converting Sigma rules to KQL for Microsoft Sentinel. Available on GitHub.
Detection Rule Templates
Starter templates for common detection scenarios. MITRE ATT&CK aligned.
Threat Hunting Runbooks
Hypothesis-based hunting guidance and queries for common threat scenarios.
Need Guidance?
Looking for Specific Expertise?
Our team can discuss your specific challenges and point you to the most relevant resources and solutions.