Bishop Fox

We’ll be at #BSidesATL Saturday, Nov 15 as a Silver Sponsor!

Come say hi at the Bishop Fox booth, meet the team, and talk all things offensive security.

KSU Center – Kennesaw, GA

Want to really understand LLM security?

Our latest blog breaks down the best Capture the Flag challenges for testing and defending large language models.

Full list: bishopfox.com/blog/ready-t...

Definitely worth a listen. Two great minds in cybersec!

Happening tomorrow at OWASP Global AppSec in DC:

Senior Security Consultant Nick Cerne will present “Peeling Back the Plastic: Finding 0-Days in IoT Devices.”

And join us Friday night at Flight Club for drinks, darts, and good times!

Nov. 6-7 | Washington, D.C.

RSVP: partiful.com/e/otaKEF0mqB...

New from Bishop Fox: Burp Variables, a Burp Suite extension that automates variable handling.
Define once. Reuse everywhere. No more manual token edits!
bishopfox.com/blog/burp-va...

Tomorrow @ 2 EDT: Demystifying 5G Security w/ Drew Jones.
Real-world tactics for testing & defending 5G networks.

Save your seat: bishopfox.com/resources/5g...

Working on DORA compliance?
Bishop Fox’s FAQ guide breaks down Threat-Led Pen Testing from planning to reporting.
bishopfox.com/resources/gu...
#DORA #TLPT

A $20 smart device. A curious researcher.
Bishop Fox’s Nick Cerne found some new vulnerabilities that could literally open your front door.

Read his story → bishopfox.com/blog/how-a-2...

#IoTSecurity

Yolink Hub — VERSION 382 — SUMMARY The following document describes identified vulnerabilities in the YoLink Hub smart device version 0382.

🚨 New Bishop Fox advisory: YoSmart YoLink Hub (v0382) found vulnerable.
Attackers could:
• Remotely control devices
• Intercept traffic
• Hijack sessions

Details: bishopfox.com/blog/yosmart...

We’re live with cloud expert Mitchell Sperling talking CloudFox!

Join here: bishopfox.com/resources/cl...

Cloud enumeration is messy. CloudFox makes it manageable.

Join Senior Security Consultant Mitchell Sperling for a hands-on workshop:
📅 Oct 1 | 🕑 2 p.m. EDT / 7 p.m. BST

Learn how to find real attack paths in cloud pen tests.
Save your seat: bishopfox.com/resources/cl...

#hackerhalted #globalcisoforum #cybersecurity #thankyousponsors #cyberleadership #cisoforum2025 | EC-Council 🎉 𝗔 𝗛𝘂𝗴𝗲 𝗧𝗵𝗮𝗻𝗸 𝗬𝗼𝘂 𝘁𝗼 𝗢𝘂𝗿 𝟮𝟬𝟮𝟱 𝗦𝗽𝗼𝗻𝘀𝗼𝗿𝘀! 🎉 As we gear up for Hacker Halted Cybersecurity Conference and the Global CISO Forum this October in Atlanta, we want to extend our deepest gratitude to the i...

We’re proud to sponsor Hacker Halted 2025 + the Global CISO Forum (Oct 1–2, Atlanta).

We have a limited number of VIP badges to share — if you’re interested in attending, reach out to our team.

Details: www.linkedin.com/posts/ec-cou...

SecDSM October Meetup 🎃
📅 Thu, Oct 2 @ 6 PM
📍 Foundry Distillery, West Des Moines

Costume contest, scavenger hunt, spooky CTF, trivia & prizes (yes, whiskey!). Bishop Fox is proud to sponsor.

Details: bishopfox.com/events/secds...

CHOTINER: You believe AI alone will solve cybersecurity?

EVANGELIST: Yes, it will eventually detect everything.

CHOTINER: Including attacks run by other AI?

EVANGELIST: Well… yes, AI learns.

CHOTINER: So you’re building the attack and the defense simultaneously.

EVANGELIST: Now wait a minute-

Fireside Chat - SaaS Security: Inside Recent Attacks Disrupting… Learn how UNC6040 and UNC6395 exploited OAuth to breach Salesforce ecosystems. Expert insights on SaaS security threats and defense strategies.

Full talk: bishopfox.com/resources/sa...

Think your OAuth tokens may be compromised?
Here’s what AppOmni CTO Brian Soby says you should do first:

When your SaaS vendor gets breached, it can break your whole business.

AppOmni’s CTO Brian Soby explains how a single compromise can ripple through disconnected tools, board reporting, and day-to-day ops.

Full chat with Bishop Fox CISO Christie Terrill:
bishopfox.com/resources/sa...

“There’s a war out there… and it’s not about bullets. It’s about who controls the information.” – Marty Bishop, Sneakers

RIP Robert Redford. Your character inspired the name Bishop Fox and our mission to keep people safe, online and off.

Always a Sneaker.

The Top Reasons Security Leaders Choose Red Teaming Leaders are turning to red teaming to test defenses against real-world adversaries discover why this strategy is becoming a must-have for cyber resilience.

Red Teaming validates controls, trains defenders, and gets everyone from SOC to the board on the same page.

bishopfox.com/blog/top-rea...

Senior Security Consultant Drew Jones dug into the 5G registration protocol and found that early connection messages aren’t encrypted, identifier privacy can break down, and devices still request null encryption: bishopfox.com/blog/demysti...

Red Team Readiness Guide: Plan, Align, and Execute Successful… Download our framework for planning red team operations. Learn how to align stakeholders, set objectives, and evaluate readiness before launching your red…

Red Teaming only works if you’re ready for it.

This free Red Team Readiness Guide helps you align stakeholders, clarify goals, and avoid planning pitfalls.

Get it here → bishopfox.com/resources/re...

Some say there’s a cybersecurity talent shortage.

But ask the thousands of grads and self-taught hackers who can’t land an entry-level role and you’ll hear a different story.

In her latest blog, @alethe.bsky.social breaks down the paradox: bishopfox.com/blog/talent-...

Systems get patched. If only people did...

Catch @alethe.bsky.social at #IAFCI International Training Conference breaking down the social engineering tricks driving modern financial crime: deepfakes, vishing, insider ops + more.
OKC | Aug 28 | 2:25 p.m.

🚨 We're live! 🚨

The battlefront of offensive AI is here.

Hear real-world stories, lessons, and strategies from the front lines. Happening right now!

bishopfox.com/resources/ai...

Cloud enumeration can eat up your whole day.

Spend ~60 minutes with us and we’ll fix that.

Live Discord Workshop with Mitchell Sperling on CloudFox - Aug 21: bishopfox.com/resources/cl...

If you build, deploy, or secure AI, this is your blueprint for stopping silent failures before they turn into breaches.

On Aug 20, Jessica Stinson shares AI War Stories: Silent Failures, Real Consequences.

Save your spot: bishopfox.com/resources/ai...

Discord Workshop - CloudFox: Cloud Enumeration for Penetration Testing Thursday, August 21 2PM EDT / 7PM BST Mitchell Sperling, Senior Security Consultant [register now button]

We're taking our Discord Workshops to the cloud! ☁️

Follow along as Senior Security Consultant Mitchell Sperling uses #CloudFox to map massive environments fast and spot the attack paths that matter.

Live Aug 21 on Discord: discord.gg/ANytASyDFr?e...

Oh hey we know her!

Breaking AI: Inside the Art of LLM Pen Testing Learn why traditional pen testing fails on LLMs, deep dive into adversarial prompt exploitation, social engineering, real-world AI security techniques.

Last call!

Join us tomorrow for Breaking AI: Inside the Art of LLM Pen Testing. Learn how attackers are actually manipulating LLMs and why prompt engineering isn’t enough: bishopfox.com/resources/br...

We’re heading to #bsidescdmx as a proud Silver Sponsor!

Catch Bishop Fox consultants all day long, from a hands-on Cloud Pentesting 101 workshop, to advanced mobile bypass tactics, to real-world intrusion case studies.

See you there! bishopfox.com/events/bisho...