Explore the minds of The NetSPI Agents
Advance your proactive security knowledge by learning from some of the brightest people in cybersecurity. Our executive blog gives perspective on industry trends, while Hack Responsibly dives deep into the latest CVEs and tactical approaches our team takes. Take your pick!
Our favorite picks
CVE-2024-21378 — Remote Code Execution in Microsoft Outlook
Learn how NetSPI discovered that Microsoft Outlook was vulnerable to authenticated remote code execution (RCE) via synced form objects.
15 Ways to Bypass the PowerShell Execution Policy
By default, PowerShell is configured to prevent the execution of PowerShell scripts on Windows systems. In this blog I’ll cover 15 ways to bypass the PowerShell execution policy without having local administrator rights on the system.
How to Use Attack Surface Management for Continuous Pentesting
Uncover attack surfaces and exposures with NetSPI’s offensive security including Attack Surface Management (ASM) to enable continuous pentesting.
Navigating Cybersecurity Regulations Across Financial Services
Learn about five areas businesses should consider to help navigate cybersecurity regulations, such as the Digital Operations Resiliency Act (DORA).
A New Era of Proactive Security Begins: The Evolution of NetSPI
Introducing The NetSPI Platform, the proactive security solution used to discover, prioritize, and remediate the most important security vulnerabilities. Plus, get a first look at NetSPI’s updated brand!
Penetration Testing: What is it?
Learn about 15 types of penetration testing, how pentesting is done, and how to choose a penetration testing company.
Ransomware Prevention, Detection, and Simulation
Your complete guide to ransomware. Learn what ransomware is, how it fuels criminal activity, how it works, and how to stop it.
How to Use Attack Surface Management for Continuous Pentesting
Uncover attack surfaces and exposures with NetSPI’s offensive security including Attack Surface Management (ASM) to enable continuous pentesting.
Elevating Privileges with Azure Site Recovery Services
Discover how NetSPI uncovered and reported a Microsoft-managed Azure Site Recovery service vulnerability and how the finding was remediated.
Mainframe Mania: Highlights from SHARE Orlando 2024
NetSPI Security Consultant Michelle Eggers attended SHARE Orlando 2024 for a hands-on educational conference focused on mainframe security.
Web2 Bugs in Web3 Systems
Discover how attackers use vulnerabilities in off-chain components to achieve critical impact against on-chain systems.
From Scanners to Strategies: How Attack Surface Management Enhances Vulnerability Scanning
Vulnerability scanners and attack surface management work better together. See how the combination works toward a proactive security strategy.
Azure Deployment Scripts: Assuming User-Assigned Managed Identities
Learn how to use Deployment Scripts to complete faster privilege escalation with Azure User-Assigned Managed Identities.
CVE-2024-21378 — Remote Code Execution in Microsoft Outlook
NetSPI discovered that Microsoft Outlook was vulnerable to authenticated remote code execution (RCE) via synced form objects. Learn how NetSPI discovered and exploited the vulnerability.
NetSPI’s View on the 2023 Gartner® Competitive Landscape: External Attack Surface Management Report
External Attack Surface Management is a growing category in proactive security. Here’s NetSPI’s take on how Gartner® summarized its research.