UnICORN Library

SCYTHE aims to educate and engage in order to inspire the art of the possible in cybersecurity. Adversarial threats, risk management, and security innovation don’t pause when working from home. We have curated a collection of presentations, research, and conversations from our team. Come enjoy our library and stay tuned for the new unicorn content that will be added regularly.

Blog Post

New!

May 27, 2020

SCYTHE is a 2020 Innovators' Showcase Honoree

We are proud to announce that SCYTHE has been recognized as a 2020 Innovators' Showcase Honoree!

VIEW

Blog Post

New!

May 20, 2020

SCYTHE and PlexTrac Team Up to Streamline Security Data

SCYTHE is excited to announce our integration with PlexTrac— available now! PlexTrac is a next generation platform for red and blue teams to collaborate effectively.

VIEW

Presentation

New!

May 18, 2020

SCYTHE Webinar - Building Blue: Fortifying Data Defenses & Supply Chain Risks

Efficiently maximizing resources has become increasingly important as infrastructure IT teams identify resources to help them protect their networks while short staffed with many team members working remotely. The expert panel will dive into supply chain & data privacy risk considerations for blue teams evaluating both new and existing tools & platforms.

VIEW

Presentation

New!

May 14, 2020

Find your Beacon during the Storm -  Building Your Business during a Crisis

This webinar features a panel with Martin Roesch, Caleb Sima, and Ron Gula discussing about how they built their businesses during an economic crisis and lessons for today.

VIEW

Presentation

New!

May 8, 2020

Bryson Bort's presentation at DerpCon - Entrepreneurial Adventures: Starting Your Own Company

So you’re not crazy, you just want to start your own company. Which kinda takes a level of crazy to pull it off. We’ll talk through what it takes to be an entrepreneur, different kinds of companies (service, product, non-profit), the market, back-office administration, pricing and economics, and my experiences starting three companies.

VIEW

Presentation

New!

May 8, 2020

Wild West Hackin' Cast by Bryson Bort & Jorge Orchilles - Adversarial Emulation with the C2 Matrix

Open source tool release and updates: this is information for the community and a call to action! We have created an open-source C2 evaluation framework so that teams can easily determine what’s the best tool for penetration testing/red teaming particular scenarios.

VIEW

Blog Post

New!

April 14, 2020

What Red Teams need to know about the SCYTHE Marketplace

In this week’s spotlight SCYTHE Advisory Council Member, Tim MalcomVetter shares why Red Teams should get excited about the SCYTHE Marketplace and how it is going to help solve some of the gaps.

VIEW

Blog Post

New!

April 8, 2020

From Moonshot to Slingshot (C2 Matrix Edition)

Having participated in the Cyber Moonshot last year, I’ve seen where grand vision tries to achieve reality. Being a former operator, I’ve always been more comfortable putting tools in the hands of those that can help.

VIEW

Presentation

New!

March 30, 2020

Wild West Hackin' Cast by Adam Mashinchi - Quickstart Guide to MITRE ATT&CK: the Do's and Don'ts when using the Matrix

This webcast will provide the audience with a very fast, yet very practical, overview of ATT&CK; as well as how it is being utilized well, and not-so-well, in the industry.

VIEW

Presentation

New!

March 27, 2020

Bryson Bort's presentation at Advanced Persistent Talks - Adversarial Emulation

The presentation goes through multiple considerations of the entire red team lifecycle. Concluding with how we can work on these activities towards a purple team approach.

VIEW

Presentation

New!

March 11, 2020

Liz Wharton and Suchi Pahi’s presentation at ShmooCon 2020 - Face/Off: Action Plan for Perils & Privileges of Facial Recognition

‍This presentation talks about current facial recognition use cases, growing regulatory concerns, the consequences of facial recognition, and what you can do.

VIEW

Blog Post

New!

March 4, 2020

Innovate at the Edge: Launching Community Driven Security Innovation

Experience-driven threat research at the edge is in the driver’s seat as the SCYTHE Marketplace was unveiled during this year’s RSA Conference.

VIEW

Presentation

New!

February 26, 2020

Bryson Bort & Chris Kreb’s ICS Discussion at RSA Conference 2020

They talk about the vision for community engagement, training and partnership to provide interactive simulated control systems environments.

VIEW

Blog Post

New!

February 19, 2020

What’s the SCYTHE Marketplace?

The SCYTHE Marketplace launching during RSAC 2020 brings expert innovation necessary to measure constantly evolving real world threats. In this week’s SCYTHE spotlight, Adam Mashinchi, SCYTHE’s VP of Product Management, discusses how the SCYTHE Marketplace expands effective threat emulation that keeps pace with the latest trends and how developers can get involved.

VIEW

Blog Post

New!

February 13, 2020

Breaking Imphash

Signaturing is a technique used to associate a unique value to a malware. Roughly, when an enterprise’s security sensor comes across a file, it computes the file’s signature and chooses to deny access if this signature is in the sensor’s set of known malware signatures.

VIEW

Blog Post

New!

February 10, 2020

Meet Advisory Council member, Chloé Messdaghi

SCYTHE had the opportunity to sit down and talk with Advisory Council member, Chloé Messdaghi during ShmooCon 2020.

VIEW

Blog Post

New!

January 29, 2020

Meet SCYTHE’s Marketplace Advisory Council

‍SCYTHE, a leader in continuous breach and attack simulation, is bringing expert innovation to its platform through the introduction of the SCYTHE Marketplace, launching this Spring.

VIEW

Podcast

New!

January 28, 2020

What Is Real-ID And Why Should You Care | A Conversation With Elizabeth Wharton & Steve Luczynski

Liz and Steve talk with ITSP about what Real-ID is and what you need to know about it.

VIEW

Presentation

New!

December 11, 2019

Bryson Bort's Presentation at Wild West Hackin' Fest

Bryson Bort gives a talk at Wild West Hackin' Fest 2019 about Adversarial Emulation.

VIEW

Video

New!

December 3, 2019

The Political Knowledge Gap in Cybersecurity on Capitol Hill

Point3 Security’s VP of Strategy, Chloé Messdaghi sits down with Congressman C.A. Dutch Ruppersberger and CEO and Founder of GRIMM & SCYTHE, Bryson Bort to discuss how to close the knowledge gap in the cybersecurity community.

VIEW

Video

New!

November 18, 2019

Bits and Borders: Navigating Asymmetrical Risks in a Digital World

The Wilson Center's Science and Technology Innovation program hosted a forum exploring the changing digital and analog risk landscape.

VIEW

Blog Post

New!

October 7, 2019

SCYTHE Supports macOS

The SCYTHE team has been hard at work on our latest release, which brings with it a number of updates and new features!

VIEW

Presentation

New!

September 8, 2019

Bryson Bort’s presentation at DerbyCon 2019 - Adversarial Emulation

‍Learn to move your defenses and understanding beyond a detection-based approach which has repeatedly been demonstrated to fail.

VIEW

Podcast

New!

July 29, 2019

Security Sandbox: Not Doing it Alone with Bryson Bort

Bryson Bort talks about his companies GRIMM and SCYTHE, his time in the army, and his very important announcement regarding the names of some unicorns.

VIEW

Blog Post

New!

June 6, 2019

Know Your Enemy: Botnet Command and Control Architectures

What would you do if your company’s IT devices were discovered to be part of a botnet?

VIEW

Blog Post

New!

May 6, 2019

SCYTHE Goes Atomic

The SCYTHE team is excited to announce that our latest release gives you the power of Atomic Red Team with all the automation and ease of use of the SCYTHE platform.

VIEW

Blog Post

New!

April 2, 2019

Modern Authentication Bypasses

*hacker voice* “I’m in” is a Hollywood-esque phrase you’ve probably heard before. But how does someone actually do that? Do you wear a hoodie and change your terminal text to bright green?

VIEW

Blog Post

New!

February 15, 2019

The Purple Team - Organization or Exercise

As the cybersecurity industry continues to evolve, the use of certain terminology is changing and becoming more prevalent; such as the increased mention of Red Teams and Blue Teams inside boardrooms and IT departments.

VIEW

Blog Post

New!

January 18, 2019

SCYTHE: Starting 2019 with Linux and ATT&CK™

The SCYTHE team has been hard at work on our new release and we are proud to present the next major evolution of the SCYTHE Continuous Red Team Automation platform.

VIEW

Blog Post

New!

January 16, 2019

Fileless Malware and the Threat of Convenience

Many of the conveniences brought via modern tools, operating systems, and applications also bring means for an adversary to execute actions while under the guise of a valid service. This is seen distinctly in the increased use of Fileless Malware.

VIEW

Blog Post

New!

December 3, 2018

Paintball at the WMCAT Hub Debut

Paintball with a purpose. That was the theme for the 6th Annual Purple Event, hosted by the West Michigan Cyber Security Consortium (WMCSC) on October 10th at the West Michigan Center for Arts and Technology (WMCAT) facility.

VIEW

Blog Post

New!

October 17, 2018

The Launch of SCYTHE

When I started GRIMM, I had a vision to tackle the greatest cybersecurity challenges that face our clients, industry and the greater business and government communities. Five years later, we have grown into a dynamic and passionate team who strives to make a better, more secure world through the independent research and the services we provide to clients.

VIEW

Blog Post

New!

October 16, 2018

Don’t Get Comfortable Yet - The Declining Fear of Ransomware

With the news that ransomware attacks are on the decline, in favor of crypto-mining (aka “crypto-jacking”), it is tempting to now reshuffle your enterprise’s defensive priorities based on the adversary trends.

VIEW

Blog Post

New!

October 3, 2018

What is SCYTHE's origin story?

When I started GRIMM, I had a vision to tackle the greatest cybersecurity challenges that face our clients, industry and the greater business and government communities.

VIEW

Blog Post

New!

September 18, 2018

A Three-Step Approach to Threats: What All Organizations Should Know (but Equifax Doesn’t)

Within the context of historical cyber breaches, this can be classified as a massive attack: Equifax, one of the “big three” credit-rating agencies, announced earlier this month that hackers gained access to the Social Security numbers, credit card data, driver’s licenses, home addresses and other personally identifiable information (PII) of up to 143 million Americans.

VIEW

Blog Post

New!

September 17, 2018

SCYTHE Announces $3 Million in Initial Financing Round Led by Gula Tech Adventures

Earlier today we announced that we raised $3 million in an initial funding round led by the co-founder of Tenable, Ron Gula of Gula Tech Adventures.This investment will help accelerate our ability to deliver our attack simulation platform and drive new product development. We’ve planned a roadmap of new features and innovations that will disrupt the cybersecurity industry.

VIEW

Blog Post

New!

August 29, 2018

Breach Reality Check: Get More Realistic with the Latest in Attack Simulation

Today, SCYTHE unveiled unique enhancements to the SCYTHE attack simulation platform. This release allows measuring effectiveness of an enterprise’s security controls with granularity and prioritizing areas for real action across the entire enterprise against your people, technology or processes easier than ever before.

VIEW

Blog Post

New!

July 25, 2018

Getting ready for Black Hat?

August is right around the corner, our favorite time of the year - Black Hat and DEF CON! SCYTHE is gearing up for a great week in Las Vegas - and we’re especially excited because this is our first official hacker summer camp since officially launching the company last October. Here’s a bit of what we’ll be up to!

VIEW

Blog Post

New!

May 3, 2018

SCYTHE and the ICS Village’s inaugural RSAC!

Whew. Who’s still recovering from RSAC 2018? GRIMM has been making appearances at the annual conference since launching in 2012. However, this was the inaugural visit for SCYTHE.

VIEW

Blog Post

New!

April 15, 2018

These Scars Must Be Worth Something

A summary of wisdom from years of learning the hard way. Excerpted from a keynote I gave at Rochester Institute of Technology to the RC3 Security Club.

VIEW

Blog Post

New!

January 18, 2018

Understanding the Real Cost of Pen Testing, Red Teaming and Blue Teaming

The void in the cybersecurity workforce is compounding the level of risk faced by enterprises. The global shortage of skilled security workers could reach 1.8 million in the next five years according to the Center for Cyber Safety and Education.

VIEW

let our tech speak for itself

Know where you stand with SCYTHE. Talk to us to start the evaluation process today! We’d love to talk to you about how SCYTHE can fit into your cybersecurity workflow.

EVALUATE

LEARN MORE