Purple Teaming for Operational Technology (OT)

Why Cyber Risks Persist for Companies, Even with In-House Teams or MSSP Support

Rethinking Cyber Security Budgeting

Quantifying Business Risk Reduction and ROI

Storm Chasing: Defend Against Volt Typhoon with SCYTHE

TSA SD-02C: Critical Infrastructure Cyber Regulations

SCYTHE: Connecting the Red and Blue Transforming Controls Validation with Smart Tagging

Transforming Proactive Cybersecurity with SCYTHE's AI Assistant: Cl0ppy

Achieving Annual PenTest Compliance via Purple Teaming

Ransomware Defense: Adversarial Emulation for Hospitals and Healthcare

Adversarial Emulation’s Role as Transformative Agent in Cyber Insurance

CITRIXBLEED: Strengthen Defenses with SCYTHE

Navigating Scattered Spider Threat Actors with SCYTHE

SCYTHE: 2024 Cyber Impact Makers

Defending Against Medusa Ransomware with SCYTHE Empower

Critical Infrastructure Cybersecurity Compliance

Risk Assessment Maturity Model: Advancing Approach with Maturity

Enhancing Public Safety and Protecting Critical Infrastructure through Threat Insights

Web Application Pentesting and the Importance of Specialization with Tib3rius

Unveiling Threats: The Power of Endpoint Detection & Response (EDR) Solutions

The Power of Community: A Journey of Education and Empowerment

SCYTHE 4.0 Unlocks Continuous Threat Analysis & Controls Validation

Michael Taggart's Journey in Education and Information Security

The Ongoing Challenge of Prioritization: The Vulnerability Management Predicament

The Evolution of a Cybersecurity Career: Insights from Tom Eston

Ransomware Attacks on Healthcare: Urgent Need for Strengthening Cybersecurity Measures

SCYTHE's BAS+: Enabling CISOs to Efficiently Measure Risks and Enhance Incident Response

Understanding New SEC Cyber Incident-Reporting Rules: An Essential Guide for CISOs, CIOs, and CFOs

The Value of IOCs vs. IOAs

Be a Better Teammate: Decreasing Friction Between Red and Blue Teams

The Truth About Ransomware

Making Procedure-Level Intelligence Actionable for Defenders

‘Purple team’ approach boosts cybersecurity

Writing Better Security Exclusions With EER

Easy LOLBAS Wins for Purple Teams

New OMB Guidance to Software Producers

AMA with Jake Williams

Breaking: Follina (MSDT) Vulnerability

Version 3.7 of the SCYTHE Platform Released - Demo Video

F5 Big-IP appliances vulnerability - Follow-up

Actionable Purple Teaming: Why and How You Can (and Should) Go Purple

VULN ALERT: F5 Big-IP appliances vulnerability - CVE-2022-1388

Adaptive Emulation (Part 2): Execution Methods

A Lesson from the Okta Incident: Scaling Purple Teaming for Better Controls Validation

Why is SCYTHE Building a CTI Team?

Building an Internal Red Team? Go Purple first

Cybersecurity and Your Board

Summiting the Pyramid of Pain: The TTP Pyramid

Breaking Down LOLBAS Attacks With The Help Of Hunter-gatherers

Porting the Log4J CVE PoC to SCYTHE

SCYTHE Announces Series A Funding Round

Simplifying the MITRE ATT&CK Framework

The Risks of Supply Chain Corruption from IoT Devices

SCYTHE Partner Spotlight: CIPHER

Blue Team Training, Assumed Breach, and Shifting Security Left

SCYTHE is thrilled to announce that we have been chosen as a 2021 Timmy Awards Best Tech Startup Finalist!

SCYTHE was recently selected as one of SINET’s companies to watch for 2021

T1030- Testing Data Transfer Limit Sizes

SCYTHE named one of 101 Leading Virginia Risk Management Firms and Startups – The Future of Risk Management

SCYTHE’s Virtual File System

A New Paradigm for Recovery: Shifting Your Mindset

SCYTHE Domain Fronting through Azure CDN

Malware Risks in Open Source Code

CISO Stressed Episode 9: Aldan Berrie

The Real Costs of Ransomware: Hidden Costs

Threat Intelligence Sharing: Democratizing Risk Information

CISO Stressed Episode 8: Robert “RSnake” Hansen

Adaptive Adversary Emulation (Part 1): Execution Details

Malicious Uses of Blockchains

You can’t detect 0-day exploits but… you can detect what happens next

Gravwell Integration with SCYTHE

Beachhead Access in Industrial Control Systems

SCYTHE provides new insights on Vulnerability Assessments  in TAG Cybers New Report

Exfiltration Over Alternative Protocol

CISO Stressed Episode 7: Matthew Dunlop CISO at Under Armour

Attack, Detect, and Respond a UniChat with Ed Amoroso and Bryson Bort

CISO STRESSED Episode 6 with Ed Rojas, Director of Tactical Edge.

TSA Pipeline Security Guidelines and ADR

The Real Costs of Ransomware: Direct Costs

CISO Stressed Episode 5: Nick Andersen

SCYTHE is proud to be recognized on the CyberTech100 for 2021

SCYTHE & ATT&CK Navigator

SCYTHE and PlexTrac Integration

An In-memory Embedding of CPython with SCYTHE

Introducing the Purple Team Maturity Model

We joined 18 other companies to call for a prioritization of Critical Infrastructure security in the American Jobs Plan.

Why assume breach?

The Difference Between Cybersecurity Simulation vs Cybersecurity Emulation

Backdoors and Breaches Expansion Deck

CISO Stressed Episode 4: SCYTHE Chief of Staff Elizabeth Wharton interviews Dr. Pablo Breuer.

Loading Capabilities from Memory: Open Sourcing SCYTHE's Windows C In-memory Module Loader

Vulnerability Management is Hard! Using CVSS and other scoring to prioritize patching

SCYTHE Named 2021 TAG Cyber Distinguished Vendor

Using SCYTHE payload as Shellcode

UniCon21 Recap

Adversary Emulation Metrics Time to Detect

Setting up SCYTHE-VECTR integration

Defense Evasion with SCYTHE

SCYTHE v3.2 is Available!

How to Defend Against Ransomware

The continuing pain of PowerShell

Our Founder and CEO Bryson Bort breaks down the Florida water treatment facility attack.

Introduction to Adversary Emulation

Red Team Non-Attributable Infrastructure and the Executive Order

Parsing an Executive Order: Streaming on Your TV Soon

Why you should embrace Purple Team today

Leveraging Resources When Chock Full of Challenges.

10 Benefits of Red Team Engagements

Red Team and Threat-Led Penetration Testing Frameworks

SCYTHE Welcomes Megan Samford to Advisory Council

No Rest for the Weary: Breaches are Inevitable

Attack Infrastructure: Red Teams vs. Malicious Actors

Episode 3: Leveraging Resources When Chock Full of Challenges with Guest Mitch Parker

Active Directory Attacks with Kerberoasting

CISO Stressed Episode 2: Digital Empathy in the Customer Experience (Guest Shawn M Bowen)

SCYTHE Updates: Purple Team Programming

CISO Stressed Episode 1: Wendy Nather & Tyrone Wilson

FAQs - Getting Started in Ethical Hacking

Defend Our Healthcare

UniCon CTF - Know Your Payload

Purple Team Exercise Framework (PTEF) Workshop

SCYTHE version 3.1 with MITRE ATT&CK Sub-Techniques

VECTR Integration

Virtual Hacker Summer Camp 2020

Porting Tools to SCYTHE: An SDK Proof of Concept

SCYTHE’s Ethical Hacking Maturity Model

Announcing UniCon

Splunk Integration

Breaching Terms of Service Doesn’t Breach the CFAA: Protect Independent Security Research

Under the Hood: SCYTHE Architectural Overview (Part 1)

SCYTHE 3.0 is here!

Software Development Kit

Cuddling the Cozy Bear, Emulating APT29 by Jorge Orchilles - Cyber Junegle

SCYTHE & PlexTrac Present: Dealin' With The Data

SCYTHE Welcomes Jorge Orchilles as Chief Technology Officer

"Measuring Cyber Risk" webinar with Bryson Bort & Paul Rosenzweig.

SCYTHE is a 2020 Innovators' Showcase Honoree

SCYTHE and PlexTrac Team Up to Streamline Security Data

SCYTHE Webinar - Building Blue: Fortifying Data Defenses & Supply Chain Risks

Find your Beacon during the Storm -  Building Your Business during a Crisis

Bryson Bort's presentation at DerpCon - Entrepreneurial Adventures: Starting Your Own Company

Wild West Hackin' Cast by Bryson Bort & Jorge Orchilles - Adversarial Emulation with the C2 Matrix

From Moonshot to Slingshot (C2 Matrix Edition)

Wild West Hackin' Cast by Adam Mashinchi - Quickstart Guide to MITRE ATT&CK: the Do's and Don'ts when using the Matrix

Bryson Bort's presentation at Advanced Persistent Talks - Adversarial Emulation

Liz Wharton and Suchi Pahi’s presentation at ShmooCon 2020 - Face/Off: Action Plan for Perils & Privileges of Facial Recognition

Bryson Bort & Chris Kreb’s ICS Discussion at RSA Conference 2020

Breaking Imphash

What Is Real-ID And Why Should You Care | A Conversation With Elizabeth Wharton & Steve Luczynski

Bryson Bort's Presentation at Wild West Hackin' Fest

The Political Knowledge Gap in Cybersecurity on Capitol Hill

Bits and Borders: Navigating Asymmetrical Risks in a Digital World

SCYTHE Supports macOS

Bryson Bort’s presentation at DerbyCon 2019 - Adversarial Emulation

Security Sandbox: Not Doing it Alone with Bryson Bort

Know Your Enemy: Botnet Command and Control Architectures

SCYTHE Goes Atomic

Modern Authentication Bypasses

The Purple Team - Organization or Exercise

SCYTHE: Starting 2019 with Linux and ATT&CK™

Fileless Malware and the Threat of Convenience

The Launch of SCYTHE

Don’t Get Comfortable Yet - The Declining Fear of Ransomware

What is SCYTHE's origin story?

A Three-Step Approach to Threats: What All Organizations Should Know (but Equifax Doesn’t)

SCYTHE Announces $3 Million in Initial Financing Round Led by Gula Tech Adventures

Breach Reality Check: Get More Realistic with the Latest in Attack Simulation

Getting ready for Black Hat?

SCYTHE and the ICS Village’s inaugural RSAC!

These Scars Must Be Worth Something

Understanding the Real Cost of Pen Testing, Red Teaming and Blue Teaming