OPTIV/SOURCE ZERO
Innovation and Research Around Technology and Security
The Source Zero platform is a community of Optiv’s skilled individuals doing research and sharing their expertise. The Source Zero Tools are resources that provide actionable support and demonstrations around research initiatives.

February 17, 2021
Captcha images don’t provide robust protection as a primary security control. This analysis explores how to prevent automated (bot) attacks.
Blog

February 03, 2021
ScareCrow is a payload creation framework for generating loaders that side-load (not inject) into a legitimate Windows process (bypassing Application...
Tool

February 03, 2021
Even when the hooks are removed, defenders can still leverage other EDR functions, such as host isolation for incident triage or remote.
Blog

February 02, 2021
This post identifies systemic endpoint detection and response issues and examines how attackers can bypass any EDR product.
Blog

February 01, 2021
Toolsets have evolved for high-fidelity forensics and investigations – here we map them to the MITRE ATT&CK framework for Enterprise Cloud.
Blog

December 11, 2020
Our team describes how single-factor authentication attack surfaces can be exposed in the AirWatch MDM suite and what steps to take to mitigate risks.
Blog

November 05, 2020
A security vulnerability has been found in the Black Duck Hub REST API Python project (“blackduck” in the PyPI repository). Read more.
Blog

November 04, 2020
How to copy updated WinAutomation databases for RPA with Azure custom script extensions – part five of a series.
Blog

November 04, 2020
Part four in the series: setting up RPA with WinAutomation.
Blog

November 04, 2020
How to use Power Automate flows and Azure runbooks to tear down Azure resources and reply to emails – Dan Kiraly explains in part 7 of the series.
Blog

November 04, 2020
How to assign a specific public IP address using Azure Automation runbook. Part three in a series.
Blog

November 04, 2020
How to upload WinAutomation screenshots to Azure Container Storage using Invoke-AzVMRunCommand – part six in a series.
Blog
- Copyright © 2021 Optiv Security Inc. All rights reserved.
- No license, express or implied, to any intellectual property or other content is granted or intended hereby.
- This blog is provided to you for information purposes only. While the information contained in this site has been obtained from sources believed to be reliable, Optiv disclaims all warranties as to the accuracy, completeness or adequacy of such information.
- Links to third party sites are provided for your convenience and do not constitute an endorsement by Optiv. These sites may not have the same privacy, security or accessibility standards.
- Complaints / questions should be directed to Legal@optiv.com