A Single Partner for Everything You Need Optiv works with more than 450 world-class security technology partners. By putting you at the center of our unmatched ecosystem of people, products, partners and programs, we accelerate business progress like no other company can.
We Are Optiv Greatness is every team working toward a common goal. Winning in spite of cyber threats and overcoming challenges in spite of them. It’s building for a future that only you can create or simply coming home in time for dinner. However you define greatness, Optiv is in your corner. We manage cyber risk so you can secure your full potential.
OPTIV/SOURCE ZERO Latest news and research on red and blue team security capabilities, objective tool analysis and step-by-step solutions. The Source Zero® platform provides a space for the Optiv community to share their knowledge, research and tools. See our newest insights on subjects ranging from ethical hacking to threat intelligence to application security. Image Search Terms Type - Any -BlogToolVideo Team - Any -RedBluePurple/No Team Sort By LatestOldest Image Breaking the (WDAPT) Rules with COM May 12, 2021 This article explores gaps that allow for the undetected execution of code on systems protected by Microsoft Defender Advanced Threat Protection. See Details Blog Image Credential Theft Prevention With a Palo Alto Networks NGFW April 23, 2021 We encourage clients to understand and adopt Palo Alto’s powerful credential theft prevention feature. See Details Blog Image Accelerating Vulnerability Remediation with Automation April 12, 2021 We reduced mean time to remediate by accelerating the processes from vulnerability discovery to the deployment of a corrective system update. See Details Blog Image Firefox Addons For Application Security Testing March 24, 2021 Firefox’s appsec add-ons make it a useful tool for new pen testers who can’t afford professional tools. See Details Blog Image MobileIron MDM Contains Static Key Allowing Account Enumeration March 22, 2021 MobileIron MDM exposes account enumeration and SFA to unauthenticated attacks. This analysis details how to mitigate this vulnerability. See Details Blog Image BadOutlook for C2 March 18, 2021 Given Office product functionality, it’s possible for adversaries to leverage Outlook's COM interface in attacks for extended persistence. See Details Blog Image Automating Captcha Attacks February 17, 2021 Captcha images don’t provide robust protection as a primary security control. This analysis explores how to prevent automated (bot) attacks. See Details Blog Image ScareCrow Payload Creation Framework February 03, 2021 ScareCrow is a payload creation framework for generating loaders that side-load (not inject) into a legitimate Windows process (bypassing Application... See Details Tool Image EDR and Blending In: How Attackers Avoid Getting Caught February 03, 2021 Even when the hooks are removed, defenders can still leverage other EDR functions, such as host isolation for incident triage or remote. See Details Blog Image Endpoint Detection and Response: How Hackers Have Evolved February 02, 2021 This post identifies systemic endpoint detection and response issues and examines how attackers can bypass any EDR product. See Details Blog Image The Evolution of Cloud Forensics and Incident Response February 01, 2021 Toolsets have evolved for high-fidelity forensics and investigations – here we map them to the MITRE ATT&CK framework for Enterprise Cloud. See Details Blog Image Abusing AirWatch MDM Services to Bypass MFA December 11, 2020 Our team describes how single-factor authentication attack surfaces can be exposed in the AirWatch MDM suite and what steps to take to mitigate risks. See Details Blog Pagination First page « First Previous page ‹ Previous … Page 4 Page 5 Page 6 Page 7 Page 8 Current page 9 Page 10 Page 11 Page 12 Next page Next › Last page Last » Introducing Source Zero Our new technical cybersecurity thought leadership resource, Source Zero, focuses on red and blue team security capabilities, objective tools analysis, and more.
Image Breaking the (WDAPT) Rules with COM May 12, 2021 This article explores gaps that allow for the undetected execution of code on systems protected by Microsoft Defender Advanced Threat Protection. See Details Blog
Image Credential Theft Prevention With a Palo Alto Networks NGFW April 23, 2021 We encourage clients to understand and adopt Palo Alto’s powerful credential theft prevention feature. See Details Blog
Image Accelerating Vulnerability Remediation with Automation April 12, 2021 We reduced mean time to remediate by accelerating the processes from vulnerability discovery to the deployment of a corrective system update. See Details Blog
Image Firefox Addons For Application Security Testing March 24, 2021 Firefox’s appsec add-ons make it a useful tool for new pen testers who can’t afford professional tools. See Details Blog
Image MobileIron MDM Contains Static Key Allowing Account Enumeration March 22, 2021 MobileIron MDM exposes account enumeration and SFA to unauthenticated attacks. This analysis details how to mitigate this vulnerability. See Details Blog
Image BadOutlook for C2 March 18, 2021 Given Office product functionality, it’s possible for adversaries to leverage Outlook's COM interface in attacks for extended persistence. See Details Blog
Image Automating Captcha Attacks February 17, 2021 Captcha images don’t provide robust protection as a primary security control. This analysis explores how to prevent automated (bot) attacks. See Details Blog
Image ScareCrow Payload Creation Framework February 03, 2021 ScareCrow is a payload creation framework for generating loaders that side-load (not inject) into a legitimate Windows process (bypassing Application... See Details Tool
Image EDR and Blending In: How Attackers Avoid Getting Caught February 03, 2021 Even when the hooks are removed, defenders can still leverage other EDR functions, such as host isolation for incident triage or remote. See Details Blog
Image Endpoint Detection and Response: How Hackers Have Evolved February 02, 2021 This post identifies systemic endpoint detection and response issues and examines how attackers can bypass any EDR product. See Details Blog
Image The Evolution of Cloud Forensics and Incident Response February 01, 2021 Toolsets have evolved for high-fidelity forensics and investigations – here we map them to the MITRE ATT&CK framework for Enterprise Cloud. See Details Blog
Image Abusing AirWatch MDM Services to Bypass MFA December 11, 2020 Our team describes how single-factor authentication attack surfaces can be exposed in the AirWatch MDM suite and what steps to take to mitigate risks. See Details Blog