Enterprise-grade platforms have to integrate with other enterprise solutions in order to be effective and efficient for the end user. SCYTHE focuses on providing business value through adversary emulation and showing whether security tools and controls are properly implemented and tuned to detect malicious behavior.

SCYTHE has been selected by TAG Cyber on behalf of our leadership in the cybersecurity industry and our management of information as a technology solution provider to participate in the creation of its newest report. This report contains vital information regarding vulnerability and identity management, data breaches, and more

This UniChat was something special. SCYTHE Founder and CEO, Bryson Bort sat down to discuss Attack, Detect, and Respond with ADR collaborator and friend, Ed Amoroso. Ed is the CEO of TAG Cyber, a cyber expert, and a long-time friend. Bort and Amoroso opened the UniChat by sharing the story of ADR and how it originated. Attack, Detect, and Respond was born out of a need for companies to prioritize aligning risk assessments with business.

In April 2021, the Transportation Security Administration (TSA) updated its TSA Pipeline Security Guidelines. The Colonial Pipeline ransomware attack means more attention will be paid to the cybersecurity posture of the oil and natural gas (ONG) industry. Understanding the changes to the TSA Pipeline Security Guidelines shows how Attack, Detect, and Response (ADR) can enhance security.

Ransomware is a growing problem for organizations of all sizes and it is becoming a national security threat. As threat actors continue to look for new ways to hold companies and data hostage, security teams can feel like they’re always one step behind.

Back in 2019 at the inaugural SANS Purple Team Summit I gave a talk titled “Adaptive Adversary Emulation with MITRE ATT&CK®”. In the talk I go over how small changes to adversary emulation plans can provide significant results and allow a deliberate approach to generating iterative tests.

A zero day (or 0-day) is a vulnerability that is not known by the software vendor nor the end users. They are a great way to gain initial access into an organization without being detected. Zero days are rarely used in widespread attacks as they are a high cost to the attacker (identifying a vulnerability that has a high chance of successful exploitation).

SCYTHE’s engineering team shares their most recent article on the malicious uses of Blockchains. Here’s why this is important: Cryptocurrencies are discussed often, but few understand what they are or how they work. The engineering team defines each cryptocurrency type in detail.