Explore the Minds of The NetSPI Agents
Advance your proactive security knowledge by learning from some of the brightest people in cybersecurity. Our executive blog gives perspective on industry trends, while Hack Responsibly dives deep into the latest CVEs and tactical approaches our team takes. Take your pick!
Our Favorite Picks
CVE-2024-21378 — Remote Code Execution in Microsoft Outlook
Learn how NetSPI discovered that Microsoft Outlook was vulnerable to authenticated remote code execution (RCE) via synced form objects.
15 Ways to Bypass the PowerShell Execution Policy
NetSPI security expert Scott Sutherland covers 15 ways to bypass the PowerShell execution policy without having local administrator rights on the system.
How to Use Attack Surface Management for Continuous Pentesting
Uncover attack surfaces and exposures with NetSPI’s offensive security including Attack Surface Management (ASM) to enable continuous pentesting.
Webinar Recap: Everything You Wish You Didn’t Have to Know About Ransomware
Learn about the evolving ransomware landscape, including how attackers operate, the roles within the ransomware economy, and actionable strategies to strengthen your defenses.
6 Security Trends Every CISO Should Know
Discover top security trends from AI governance to Zero Trust. Explore actionable insights tailored to help CISOs strengthen defenses.
NetSPI recognized by Gartner® as a Sample Vendor for PTaaS—Here’s Why It Matters For Us
Pentesting as a crucial part of modern cybersecurity to tackle growing digital threats. We believe NetSPI’s mention as a Sample Vendor for PTaaS confirms its excellence and innovation in the field.
Part 3: Ready for Red Teaming? Maximising Learning Outcomes and Collaborative Growth
Maximize red teaming outcomes with collaborative growth and learning. Discover best practices for effective security exercises and improvements.
Vibe Coding: A Pentester’s Dream
Explore the impact of AI-created code on web app security. Learn about vulnerabilities, security audits, and proactive measures to keep your data safe.
From Pentest Report to Boardroom Strategy in 5 Steps
Learn how to turn technical findings from penetration testing into executive action with a five-step approach for maximizing pentesting value.
DEF CON 33: NetSPI’s “Access Everywhere” Experience
NetSPI security experts share key insights from DEF CON 33’s “Access Everywhere” theme, from networking with hackers to expanding security expertise through sessions and workshops.
Assessing the True Business Impact of a Malicious Connected App
Discover the cascading risks of malicious Connected Apps in Salesforce. Learn how to assess business impact, secure your org, and protect critical infrastructure.
We Know What You Did (in Azure) Last Summer
At DEF CON 33, NetSPI presented a talk about how Azure resources supporting Entra ID authentication expose tenant IDs, enabling attackers to attribute cloud resources to specific organizations at scale.
Walking the Cybersecurity AI Tightrope
Explore the balance of AI and human expertise in cybersecurity, addressing both benefits and limitations for effective security strategies.
Unix Underworld: Tales from the Dark Side of z/OS
Discover how penetration testing ensures compliance with SOC 2, PCI DSS, and HIPAA, safeguarding data, mitigating risks, and building trust in a data-driven world.
Penetration Testing for Compliance: Achieving SOC 2, PCI DSS, and HIPAA
Discover how penetration testing ensures compliance with SOC 2, PCI DSS, and HIPAA, safeguarding data, mitigating risks, and building trust in a data-driven world.