Blog

A space dedicated to sharing our thoughts on the latest cybersecurity news, trends, and threats

Password Security: The Good, the Bad, and the “Never Should Have Happened”

Download the Bishop Fox password security guide here.  Introduction to Password Security  While most organizations have a password policy that sounds technically secure, hardly any have a policy that benefits the organization, encourages strong passwords, and improves overall security. It’s time to stop requiring capital letters, numbers, special characters, and frequent password updates. We …

A Primer to Red Teaming

Download the full-length version of the guide including case studies and an introduction to our social engineering services here.  Introduction In order to fully understand red teaming, it might be best to first decouple it from penetration testing. The two are often conflated, and that only serves to lessen the quality of the decision-making …

The Latest in Security Style Guide Happenings

The Bishop Fox Cybersecurity Style Guide has been constantly evolving since its initial rollout in February 2018. It’s undergone one other iteration (v1.1, which you can find here) – until now, that is. For our audience’s convenience, we decided to create a digital version of the security style guide. The New Features of the …

Why You Need IDontSpeakSSL in Your Life

You’ve Already Heard of testssl.sh; Now, Meet IDontSpeakSSL. What is it? It’s a simple script designed for parsing testssl.sh results. It was created to automate the discovery of bad practices in SSL/TLS configuration, cipher suites, and certificates. It is most useful on projects with a broader scope; for example, it would prove highly efficient …

My Weekend With the Foxes

In this write-up, Security Analyst Chris D. describes the first few months of his job at Bishop Fox. A few years back, I was sitting at a friend’s house playing Dota when my friend said to me, “Hey, have you heard of Kali Linux?” My ears perked up. Huh? Little did I know that …

My Time at NetWars Tournament of Champions

EPISODE ONE: THE CTF AWAKENS Each and every December, some of the best and brightest hackers from around the world travel to Washington D.C. for the NetWars Tournament of Champions. Champion golfers may have their prestigious green sportscoats, but NetWars champions receive the coveted black hoodie. Who am I? Let’s start with the basics: I …