April 15, 2021

UniCon21 Recap

It was a day packed with amazing presentations as we celebrated National Unicorn Day. UniCon21 is a free virtual conference for the security researcher and defender community. Check out all the UniCon21 videos.

Read Now

February 18, 2021

SCYTHE v3.2 is Available!

We are excited to announce the release of SCYTHE version 3.2! This release brings a number of new features, many of which were specifically created out of feedback from our amazing customers!

Read Now

February 10, 2021

Our Founder and CEO Bryson Bort breaks down the Florida water treatment facility attack.

The attack on the water treatment facility located in Oldsmar, Florida, disclosed last week highlights security shortages in the water utility sector and the rest of the U.S. critical infrastructure sector.

Read Now

February 4, 2021

Introduction to Adversary Emulation

What is adversary emulation? Adversary emulation leverages adversary tactics, techniques, and procedures, enhanced by cyber threat intelligence, to create a security test based on real world intrusion campaigns.

Read Now

January 8, 2021

Leveraging Resources When Chock Full of Challenges.

Elizabeth Wharton interviews Guest Mitch Parker, Exec. Dir./CISO at Indiana University Health. Healthcare security is present on all of our minds these days. The security and medical communities are working together towards the same goal: protecting the people. You may be wondering, what does that look like in today’s world?

Read Now


April 15, 2021

Using SCYTHE payload as Shellcode

Guest blog post by one of our partners, Jean-Maes from NVISO. During Unicon21, I (Jean-Maes) presented how I leverage the D/Invoke project from TheWover to load a SCYTHE campaign using the SCYTHE DLL that is automatically created for each campaign.

Read Now

April 7, 2021

Adversary Emulation Metrics Time to Detect

Offensive security professionals and program coordinators have a learning curve as they mature through the different ethical hacking assessment types. In Vulnerability Assessment/Management and Penetration Testing, we use Common Vulnerabilities and Exposures (CVE IDs) and the Common Vulnerability Scoring System (CVSS) to report a finding using two criteria:

Read Now

April 2, 2021

Setting up SCYTHE-VECTR integration

Many SCYTHE customers like to track their red and purple team exercises in a free reporting tool called VECTR. VECTR is maintained by Security Risk Advisors and we have been working with them on integrations for over a year. Naturally, we help our customers set up VECTR so that they can import SCYTHE campaigns more easily. This is a quick start guide that should help you set up VECTR with SCYTHE integration.

Read Now