Explore the Minds of The NetSPI Agents
Advance your proactive security knowledge by learning from some of the brightest people in cybersecurity. Our executive blog gives perspective on industry trends, while Hack Responsibly dives deep into the latest CVEs and tactical approaches our team takes. Take your pick!
Our Favorite Picks
CVE-2024-21378 — Remote Code Execution in Microsoft Outlook
Learn how NetSPI discovered that Microsoft Outlook was vulnerable to authenticated remote code execution (RCE) via synced form objects.
15 Ways to Bypass the PowerShell Execution Policy
NetSPI security expert Scott Sutherland covers 15 ways to bypass the PowerShell execution policy without having local administrator rights on the system.
How to Use Attack Surface Management for Continuous Pentesting
Uncover attack surfaces and exposures with NetSPI’s offensive security including Attack Surface Management (ASM) to enable continuous pentesting.
Turning Regulation into a Resilience Advantage: 6 Top Pentesting Tips for CISOs
Regulations and cyber threats are moving at breakneck speed. And so are expectations from boards, regulators, and auditors. For today’s CISOs, the real question isn’t “Are we compliant?” it’s “Are we resilient?”
Webinar Recap: How to Keep Your CISO Out of Jail
Learn how CISOs can reduce legal risk by documenting decisions, fostering security culture, and aligning cybersecurity with business goals.
Decrypting VM Extension Settings with Azure WireServer
The Azure WireServer service provides configuration data to Azure Virtual Machines. Join us as we walkthrough the process of decrypting that data to find sensitive information.
How App Integration Transactions Increase the Attack Surface of LLMs
Learn how OpenAI’s AppsSDK, AgentKit, and “Buy It” turn LLMs into transactional agents—expanding security risks from rapid rollout, prompt injection, and access control gaps.
API Security Testing: The Overlooked Frontline in Application Penetration Testing
In this article, NetSPI Managing Director Nate Brown, highlights the importance of securing APIs to protect against cyberattacks and data breaches.
Webinar Recap: Everything You Wish You Didn’t Have to Know About Ransomware
Learn about the evolving ransomware landscape, including how attackers operate, the roles within the ransomware economy, and actionable strategies to strengthen your defenses.
6 Security Trends Every CISO Should Know
Discover top security trends from AI governance to Zero Trust. Explore actionable insights tailored to help CISOs strengthen defenses.
NetSPI recognized by Gartner® as a Sample Vendor for PTaaS—Here’s Why It Matters For Us
Pentesting as a crucial part of modern cybersecurity to tackle growing digital threats. We believe NetSPI’s mention as a Sample Vendor for PTaaS confirms its excellence and innovation in the field.
Part 3: Ready for Red Teaming? Maximising Learning Outcomes and Collaborative Growth
Maximize red teaming outcomes with collaborative growth and learning. Discover best practices for effective security exercises and improvements.
Vibe Coding: A Pentester’s Dream
Explore the impact of AI-created code on web app security. Learn about vulnerabilities, security audits, and proactive measures to keep your data safe.
From Pentest Report to Boardroom Strategy in 5 Steps
Learn how to turn technical findings from penetration testing into executive action with a five-step approach for maximizing pentesting value.
DEF CON 33: NetSPI’s “Access Everywhere” Experience
NetSPI security experts share key insights from DEF CON 33’s “Access Everywhere” theme, from networking with hackers to expanding security expertise through sessions and workshops.