A leading provider of #offensivesecurity solutions & contributor to the #infosec community. #pentesting #hacking VC @forgepointcap @carrickcapital @WestCap8

Tempe, AZ
That tiny favicon in your browser tab is more useful than it looks. Aaron Ringo breaks down how favicon hashes can identify software, pivot to related hosts, and support attack surface intelligence. Plus: the AI-assisted workflow behind a new public dataset. bfx.social/4fpYP91
3
3
572
Residential proxies don’t always come from hacked devices. Sometimes people install them willingly in exchange for “free” software or services. Kendrick Urbaniak explains why that’s riskier than most people realize.
1
2
2
1,078
Heading to the Boston @securitymeetup on July 16? Ori Zigindere will be talking about CTEM in practice: how it differs from traditional vulnerability management and how teams are using it to continuously reduce real risk. Come say hi if you’re there.
1
3
365
“What do you get when you hand a protocol fuzzer to Claude Code?” You’ll find out at #SummerCon. Shad Malloy is unveiling a new open-source Sparkplug B fuzzer and sharing what AI-assisted protocol research actually looks like: the wins, the frustrations, and a live demo on real hardware.
2
6
7
979
“The harness is going to be more important than the models themselves.” Bishop Fox CEO Vinnie Liu explains why AI security is really about how you instrument and apply whatever model you're using.
1
5
806
This was one of the more interesting stories we covered this week. Millions of Pokémon GO players contributed scan data to improve an AR game. Years later, that same data is part of a conversation about AI-powered navigation and military applications.
1
1
4
684
Starting tomorrow! Debug ports. Firmware dumps. Root access. Join Marco Sanchez and Abdel Bolivar for a hands-on introduction to hardware hacking and learn how researchers approach embedded and IoT devices.
1
1
636
Ever wondered where hardware hackers start when they get a new device? This workshop covers the basics: identifying components, finding debug interfaces, extracting firmware, and understanding how embedded devices actually work. With Marco Sanchez and Abdel Bolivar.
1
1
630
What happens when the attacker succeeds anyway? @AletheDenis explores why social engineering is ultimately a control design problem and why awareness training alone isn’t enough.
2
1
2
441
PCI DSS scope isn’t limited to traditional network segments anymore. Now cloud infrastructure, SaaS platforms, IAM, and CI/CD pipelines can all play a role in an attack path to the CDE. Derek Rush breaks down how Bishop Fox approaches modern PCI internal penetration testing.
1
5
360
Ever wondered how security researchers go from a physical device to root access? Join Bishop Fox consultants Marco Sanchez and Abdel Bolivar for a hands-on introduction to hardware hacking. Learn about debug interfaces, firmware extraction, embedded systems, and more. Available in English and Spanish
1
533