[Webinar] 5 Keys to Building Effective Purple Teams - Register now
Blog | OffSec

Blog

News and updates from OffSec

Enterprise Security

Apr 16, 2024

13 min read

What is Cybersecurity Compliance? The Ultimate Guide

Learn about the importance of cybersecurity compliance, the most common cybersecurity compliance frameworks and how to ensure your organization is compliant.

Read more

Threat Hunting

Proactive Threat Detection: Introducing Threat Hunting Essentials

Outsmart evolving cyber threats with Threat Hunting Essentials. This hands-on training path builds expertise in threat actor analysis, advanced hunting techniques, and data analysis.

Apr 16, 2024

3 min read

Insights

The Race Against the Hackers: How the OffSec Cyber Ranges Keep You Ahead

Stay ahead of hackers! OffSec Cyber Ranges train your team on the latest exploits for a proactive, adaptable defense.

Apr 15, 2024

7 min read

Insights

Communication Skills in Cybersecurity

Learn about the importance of clear and effective communication skills in cybersecurity.

Apr 12, 2024

4 min read

Research & Tutorials

Behind Enemy Lines: Understanding the Threat of the XZ Backdoor

The following is an excerpt from our new module on the recent XZ Utils backdoor, CVE-2024-3094.   On Mar 29, 2024, at 12:00PM ET, Andres Freund posted on the Openwall mailing list about a backdoor he discovered in the XZ Utils package. The backdoor targeted the OpenSSH binary, allowing remote code execution on impacted machines.

Apr 9, 2024

5 min read

OffSec News

OffSec Versus: Revolutionizing Cybersecurity Training Through Live-Fire Collaboration

Did you know that 95% of cybersecurity breaches are caused by human error? Traditional training methods often fail to address this critical factor, leaving organizations exposed. OffSec Versus, part of the Enterprise Cyber Range, is designed to change that. It’s a live-fire training environment where your Red and Blue teams learn by doing, battling head-to-head,

Apr 9, 2024

5 min read

Enterprise Security

Soft Skills for Cybersecurity Leaders: CISO’s Perspective

The emphasis on technical skills and knowledge in cybersecurity has always been present. However, as the field becomes increasingly complex and intertwined with every facet of business operations, the spotlight has shifted to the indispensable role soft skills hold in cybersecurity leadership.  This perspective was the focal point of our recent webinar, led by Thereasa

Apr 3, 2024

5 min read

OffSec News

Transform Your Cybersecurity Training with OffSec’s Cyber Ranges

In 2024, the cybersecurity landscape is bleak, with 62% of organizations acknowledging a pressing need for enhanced cybersecurity skills amidst growing digital threats. This statistic underscores the urgent demand for comprehensive training in modern cybersecurity practices​. In response to this critical need, OffSec is introducing a new suite of Cyber Ranges.  OffSec’s Cyber Ranges –

Apr 1, 2024

6 min read

Penetration Testing

Importance of report writing for pen testers

Pentesters are well known for their technical skill sets, they simulate cyber attacks on computer systems, networks, or applications in a controlled environment. And, their primary goal is to identify vulnerabilities and weaknesses to assess the security posture of a target system. Much of the work they do is technical in nature, but in order

Apr 1, 2024

9 min read
The Cybersecurity Skills Gap: Time to Step Up with OffSec’s Red Teaming and IoT Learning Paths

OffSec News

The Cybersecurity Skills Gap: Time to Step Up with OffSec’s Red Teaming and IoT Learning Paths

The cybersecurity landscape is indeed challenged by a significant skills gap, with reports highlighting the critical shortage of professionals equipped to handle escalating cyber threats. The 2023 Global Cybersecurity Skills Gap Report from Fortinet underscores the urgency of this issue, revealing that a vast majority of organizations are facing more breaches due to a lack

Mar 26, 2024

4 min read

OffSec News

Starting 2024 strong – The largest launch of security training from OffSec

Strong cybersecurity relies on an understanding of the importance of security throughout the entire organization. OffSec is committed to delivering security training to offensive, defensive, development and IT teams that can best protect organizations. In the first 10 weeks of 2024, we’ve released new learning paths to support more security training across the organization. No

Mar 14, 2024

3 min read

OffSec News

Cloud security training: Build secure cloud systems

The cloud’s potential is undeniable – but securing it remains a daunting challenge. A recent SC Magazine survey revealed a troubling statistic: one in four companies cite a critical cloud security skills gap. This gap leaves organizations vulnerable, as attackers exploit everything from exposed cloud storage buckets to vulnerabilities in development pipelines. Generic tutorials and

Mar 12, 2024

4 min read

OffSec News

Cybersecurity training aligned with the MITRE ATT&CK framework

The MITRE ATT&CK framework was developed in 2013 as a knowledge base of adversary tactics and techniques based on real-world observations. The ATT&CK knowledge base is a foundation for specific threat models and methodologies in the private sector, government, and cybersecurity product and service community. This MITRE ATT&CK Enterprise framework is used by many of

Mar 12, 2024

2 min read

Showing 53 - 65 of 362 entries