Browse our blogs
We cover it all in The Security Blog. Discover what you’ve been looking for.

Dungeons and Daemons
Play Roll for Initiative. Hack the Planet. Dungeons & Daemons is a cybersecurity RPG that drops you into the boots of a Red Team operator on a live…

Benchmarking Self-Hosted LLMs for Offensive Security
We put LLMs to the test—let's find out how good AI is at hacking! We walk through six simple challenges with intentionally naïve setups to test how capable…

IAM the Captain Now – Hijacking Azure Identity Access
I decided to spend some research time diving in depth into Identity and Access Management (IAM) within Microsoft Azure. I am going to show you within this blog…

Building a Detection Foundation: Part 5 - Correlation in Practice
From Data Sources to Detection. We've covered a lot of ground in this series: Windows Security events for logon tracking and process execution; PowerShell…

Reduce Repetition and Free up Time With Mobile File Extractor
If you do the same thing three times, automate it. Introducing Mobile Data Extractor, a Python tool that handles the repetitive work of mobile app data…

Policy as Code: Stop Writing Policies and Start Compiling Them
The Problem Nobody Wants to Talk About. Let me paint a picture most security leaders will recognize. You have 30+ policies living as Word documents on SharePoint.…

Building a Detection Foundation: Part 4 - Sysmon
Filling the Gaps Native Logging Can't. At this point in our series, we have Windows Security events capturing logon sessions and process creation, and…

Full Disclosure: A Third (and Fourth) Azure Sign-In Log Bypass Found
Invisible password sprays. Invisible logins. Full tokens returned. Nyxgeek here. It's 2026 and I've got two more Azure Entra ID sign-in log bypasses…

Better Together: Combining Automation and Manual Testing
When I started working in mobile application security in 2018, most testing was still largely manual. Since then, the ecosystem has exploded with scanners,…

LnkMeMaybe - A Review of CVE-2026-25185
A Windows shortcut (.lnk) seems very simple on the surface. It is a file that points somewhere and tells the system to open or execute a resource. A shortcut…

Building a Detection Foundation: Part 3 - PowerShell and Script Logging
The Second Most Important Data Source You're Probably Not Capturing. In Part 2, we enabled process creation logging with command lines. That's a big…

Building a Detection Foundation: Part 2 - Windows Security Events
The Audit Policies Nobody Configures. In Part 1, we looked at why relying on a single telemetry source is a recipe for blind spots. Now let's get practical.…
