"The AI Balancing Act: Benchmarking LLMs for Usability vs Security" - Live Webinar on Wed Sep 10th
NetSPI Penetration Testing
Shift projects to programs with contextualized pentesting in a technology-enabled, human-delivered, platform.Application Pentesting
Secure your web, mobile, thick, and virtual applications and APIs.AI/ML Pentesting
Reduce the risk of using AI in your environment with testing and jailbreaking for LLMs.Cloud Pentesting
Secure your AWS, Azure, and Google cloud infrastructures.Mainframe Pentesting
z/OS Mainframe Testing - CICS / IMS Region and ApplicationNetwork Pentesting
Secure your internal, external, wireless, and mainframe networks.Secure Code Review
Find application security vulnerabilities in your source code with SAST tools and manual review.SaaS Security Assessment
Discover and remediate SaaS configuration instances and app vulnerabilities.Hardware Systems
Find vulnerabilities that could put your IoT, automotive, medical device, ATM, OT, and other cyber-physical systems at risk.Red Team
Simulate attacks to assess detection, response, and recovery capabilities across people, processes, and technology.Threat Modeling
Identify potential threats to your company’s systems and applications through a holistic program.Cybersecurity Maturity Assessment
Define prioritized steps to advance your security program.Social Engineering
Conduct email, phone, or physical security social engineering tests.Post-Incident Response (IR)
Comprehensive services for incident analysis, vulnerability detection, and remediation guidance.Merger & Acquisition Testing
Reduce investment risk and enable informed M&A decisions .Watch the second webinar in our Lunch & Learn Series below!
Where there is Active Directory, there are SQL Servers. In dynamic enterprise environments, it’s common to see both platforms suffer from misconfigurations that lead to unauthorized system and sensitive data access. During this presentation, Scott covers common ways to target, exploit, and escalate domain privileges through SQL Servers in Active Directory environments. He also shares a msbuild.exe project file that can be used as an offensive SQL Client during red team engagements when tools like PowerUpSQL are too overt.
This presentation was originally developed for the Troopers20 conference, but due to the current travel constraints we’ll be sharing it online during this webinar.
