<span class="font-bold">Level up your training</span> <br /> with limited-time offers

Level up your training
with limited-time offers

Individual discounts Enterprise offers
Blog | OffSec

Blog

News and updates from OffSec

Research & Tutorials

Apr 9, 2024

5 min read

Behind Enemy Lines: Understanding the Threat of the XZ Backdoor

The following is an excerpt from our new module on the recent XZ Utils backdoor, CVE-2024-3094.   On Mar 29, 2024, at 12:00PM ET, Andres Freund posted on the Openwall mailing list about a backdoor he discovered in the XZ Utils package. The backdoor targeted the OpenSSH binary, allowing remote code execution on impacted machines.

Read more

OffSec News

OffSec Versus: Revolutionizing Cybersecurity Training Through Live-Fire Collaboration

Did you know that 95% of cybersecurity breaches are caused by human error? Traditional training methods often fail to address this critical factor, leaving organizations exposed. OffSec Versus, part of the Enterprise Cyber Range, is designed to change that. It’s a live-fire training environment where your Red and Blue teams learn by doing, battling head-to-head,

Apr 9, 2024

5 min read

Enterprise Security

Soft Skills for Cybersecurity Leaders: CISO’s Perspective

The emphasis on technical skills and knowledge in cybersecurity has always been present. However, as the field becomes increasingly complex and intertwined with every facet of business operations, the spotlight has shifted to the indispensable role soft skills hold in cybersecurity leadership.  This perspective was the focal point of our recent webinar, led by Thereasa

Apr 3, 2024

5 min read

OffSec News

Transform Your Cybersecurity Training with OffSec’s Cyber Ranges

In 2024, the cybersecurity landscape is bleak, with 62% of organizations acknowledging a pressing need for enhanced cybersecurity skills amidst growing digital threats. This statistic underscores the urgent demand for comprehensive training in modern cybersecurity practices​. In response to this critical need, OffSec is introducing a new suite of Cyber Ranges.  OffSec’s Cyber Ranges –

Apr 1, 2024

6 min read

Penetration Testing

Importance of report writing for pen testers

Pentesters are well known for their technical skill sets, they simulate cyber attacks on computer systems, networks, or applications in a controlled environment. And, their primary goal is to identify vulnerabilities and weaknesses to assess the security posture of a target system. Much of the work they do is technical in nature, but in order

Apr 1, 2024

9 min read
The Cybersecurity Skills Gap: Time to Step Up with OffSec’s Red Teaming and IoT Learning Paths

OffSec News

The Cybersecurity Skills Gap: Time to Step Up with OffSec’s Red Teaming and IoT Learning Paths

The cybersecurity landscape is indeed challenged by a significant skills gap, with reports highlighting the critical shortage of professionals equipped to handle escalating cyber threats. The 2023 Global Cybersecurity Skills Gap Report from Fortinet underscores the urgency of this issue, revealing that a vast majority of organizations are facing more breaches due to a lack

Mar 26, 2024

4 min read

OffSec News

Starting 2024 strong – The largest launch of security training from OffSec

Strong cybersecurity relies on an understanding of the importance of security throughout the entire organization. OffSec is committed to delivering security training to offensive, defensive, development and IT teams that can best protect organizations. In the first 10 weeks of 2024, we’ve released new learning paths to support more security training across the organization. No

Mar 14, 2024

3 min read

OffSec News

Cloud security training: Build secure cloud systems

The cloud’s potential is undeniable – but securing it remains a daunting challenge. A recent SC Magazine survey revealed a troubling statistic: one in four companies cite a critical cloud security skills gap. This gap leaves organizations vulnerable, as attackers exploit everything from exposed cloud storage buckets to vulnerabilities in development pipelines. Generic tutorials and

Mar 12, 2024

4 min read

OffSec News

Cybersecurity training aligned with the MITRE ATT&CK framework

The MITRE ATT&CK framework was developed in 2013 as a knowledge base of adversary tactics and techniques based on real-world observations. The ATT&CK knowledge base is a foundation for specific threat models and methodologies in the private sector, government, and cybersecurity product and service community. This MITRE ATT&CK Enterprise framework is used by many of

Mar 12, 2024

2 min read

Enterprise Security

The Essential Soft Skills for Cybersecurity Leaders

Learn about the essential role of soft skills in enhancing the effectiveness and resilience of cybersecurity leaders amidst evolving cyber threats.

Mar 5, 2024

10 min read

Research & Tutorials

AI in Cybersecurity

Mixed sentiment surrounds the application of AI in cybersecurity. Join us for an examination of where AI fits into our cybersecurity toolkits.

Feb 26, 2024

9 min read

OffSec News

Secure Coding – A critical skill in today’s threat landscape

Upgrade your secure coding skills with OffSec’s new Learning Paths! Master critical concepts and build resilient applications.

Feb 22, 2024

4 min read

OffSec News

Beyond the Keyboard: “Try Harder” Mindset and Goals

Read a post written by Shanks, the winner of our discord blog writing challenge and hear about their journey of earning the OSCP.

Feb 16, 2024

10 min read

Showing 53 - 65 of 358 entries