Explore the minds of The NetSPI Agents
Advance your proactive security knowledge by learning from some of the brightest people in cybersecurity. Our executive blog gives perspective on industry trends, while Hack Responsibly dives deep into the latest CVEs and tactical approaches our team takes. Take your pick!
Our favorite picks
Penetration Testing: What is it?
Learn about 15 types of penetration testing, how pentesting is done, and how to choose a penetration testing company.
Ransomware Prevention, Detection, and Simulation
Your complete guide to ransomware. Learn what ransomware is, how it fuels criminal activity, how it works, and how to stop it.
How to Use Attack Surface Management for Continuous Pentesting
Uncover attack surfaces and exposures with NetSPI’s offensive security including Attack Surface Management (ASM) to enable continuous pentesting.
Penetration Testing: What is it?
Learn about 15 types of penetration testing, how pentesting is done, and how to choose a penetration testing company.
Ransomware Prevention, Detection, and Simulation
Your complete guide to ransomware. Learn what ransomware is, how it fuels criminal activity, how it works, and how to stop it.
How to Use Attack Surface Management for Continuous Pentesting
Uncover attack surfaces and exposures with NetSPI’s offensive security including Attack Surface Management (ASM) to enable continuous pentesting.
Elevating Privileges with Azure Site Recovery Services
Discover how NetSPI uncovered and reported a Microsoft-managed Azure Site Recovery service vulnerability and how the finding was remediated.
Mainframe Mania: Highlights from SHARE Orlando 2024
NetSPI Security Consultant Michelle Eggers attended SHARE Orlando 2024 for a hands-on educational conference focused on mainframe security.
Web2 Bugs in Web3 Systems
Discover how attackers use vulnerabilities in off-chain components to achieve critical impact against on-chain systems.
From Scanners to Strategies: How Attack Surface Management Enhances Vulnerability Scanning
Vulnerability scanners and attack surface management work better together. See how the combination works toward a proactive security strategy.
Azure Deployment Scripts: Assuming User-Assigned Managed Identities
Learn how to use Deployment Scripts to complete faster privilege escalation with Azure User-Assigned Managed Identities.
CVE-2024-21378 — Remote Code Execution in Microsoft Outlook
NetSPI discovered that Microsoft Outlook was vulnerable to authenticated remote code execution (RCE) via synced form objects. Learn how NetSPI discovered and exploited the vulnerability.
NetSPI’s View on the 2023 Gartner® Competitive Landscape: External Attack Surface Management Report
External Attack Surface Management is a growing category in proactive security. Here’s NetSPI’s take on how Gartner® summarized its research.
Extracting Sensitive Information from the Azure Batch Service
The added power and scalability of Batch Service helps users run workloads significantly faster, but misconfigurations can unintentionally expose sensitive data.
The Silk Wasm: Obfuscating HTML Smuggling with Web Assembly
A new technique for HTML smuggling using Web Assembly helped us bypass potential malware detection.