July 21, 2021

Gravwell Integration with SCYTHE

Enterprise-grade platforms have to integrate with other enterprise solutions in order to be effective and efficient for the end user. SCYTHE focuses on providing business value through adversary emulation and showing whether security tools and controls are properly implemented and tuned to detect malicious behavior.

Read Now

July 15, 2021

SCYTHE provides new insights on Vulnerability Assessments  in TAG Cybers New Report

SCYTHE has been selected by TAG Cyber on behalf of our leadership in the cybersecurity industry and our management of information as a technology solution provider to participate in the creation of its newest report. This report contains vital information regarding vulnerability and identity management, data breaches, and more

Read Now

July 13, 2021

Attack, Detect, and Respond a UniChat with Ed Amoroso and Bryson Bort

This UniChat was something special. SCYTHE Founder and CEO, Bryson Bort sat down to discuss Attack, Detect, and Respond with ADR collaborator and friend, Ed Amoroso. Ed is the CEO of TAG Cyber, a cyber expert, and a long-time friend. Bort and Amoroso opened the UniChat by sharing the story of ADR and how it originated. Attack, Detect, and Respond was born out of a need for companies to prioritize aligning risk assessments with business.

Read Now

June 17, 2021

TSA Pipeline Security Guidelines and ADR

In April 2021, the Transportation Security Administration (TSA) updated its TSA Pipeline Security Guidelines. The Colonial Pipeline ransomware attack means more attention will be paid to the cybersecurity posture of the oil and natural gas (ONG) industry. Understanding the changes to the TSA Pipeline Security Guidelines shows how Attack, Detect, and Response (ADR) can enhance security.

Read Now

June 9, 2021

The Real Costs of Ransomware: Direct Costs

Ransomware is a growing problem for organizations of all sizes and it is becoming a national security threat. As threat actors continue to look for new ways to hold companies and data hostage, security teams can feel like they’re always one step behind.

Read Now


July 26, 2021

Adaptive Adversary Emulation (Part 1): Execution Details

Back in 2019 at the inaugural SANS Purple Team Summit I gave a talk titled “Adaptive Adversary Emulation with MITRE ATT&CK®”. In the talk I go over how small changes to adversary emulation plans can provide significant results and allow a deliberate approach to generating iterative tests.

Read Now

July 22, 2021

You can’t detect 0-day exploits but… you can detect what happens next

A zero day (or 0-day) is a vulnerability that is not known by the software vendor nor the end users. They are a great way to gain initial access into an organization without being detected. Zero days are rarely used in widespread attacks as they are a high cost to the attacker (identifying a vulnerability that has a high chance of successful exploitation).

Read Now

July 22, 2021

Malicious Uses of Blockchains

SCYTHE’s engineering team shares their most recent article on the malicious uses of Blockchains. Here’s why this is important: Cryptocurrencies are discussed often, but few understand what they are or how they work. The engineering team defines each cryptocurrency type in detail.

Read Now