Every Solution You Can Imagine – and More What cybersecurity solution do you need? From Zero Trust to ADR, IAM, risk/privacy, data protection, AppSec and threat, securing digital transformation, to resiliency and remediation, we can build the right program to help solve your challenges.
A Single Partner for Everything You Need Optiv works with more than 450 world-class security technology partners. By putting you at the center of our unmatched ecosystem of people, products, partners and programs, we accelerate business progress like no other company can.
We Are Optiv Greatness is every team working toward a common goal. Winning in spite of cyber threats and overcoming challenges in spite of them. It’s building for a future that only you can create or simply coming home in time for dinner. However you define greatness, Optiv is in your corner. We manage cyber risk so you can secure your full potential.
Image Up-to-date information and research on red and blue team security capabilities, objective tools analysis, new research and step-by-step solutions. The Source Zero® platform is a community of Optiv’s skilled individuals doing research and sharing their expertise. The Source Zero Tools are resources that provide actionable support and demonstrations around research initiatives. Image 2022 Source Zero Con Videos View the 2022 Source Zero Con Content On-Demand. Visit Source Zero 2022 Search Terms Type - Any -BlogToolVideo Team - Any -RedBluePurple/No Team Sort By LatestOldest Image Cyber Operations Augmenting Russian Military Operations February 10, 2022 This advisory offers recommendations for organizations potentially affected by Russian state-sponsored activity in Ukraine. See Details Blog Image ClassApps Inc. SelectSurvey.NET v5.0 Vulnerabilities Disclosure January 26, 2022 We identified Ivy framework fileless attack techniques that execute undetected in Microsoft Office. Here's how with suggested security augmentations. See Details Blog Image Defeating EDRs with Office Products January 11, 2022 We identified Ivy framework fileless attack techniques that execute undetected in Microsoft Office. Here's how with suggested security augmentations. See Details Blog Image Automated Endpoint Evaluations – Part 3 Creating Virtual Machines and Allowed IP Address Assignment as part of a Power Automate Cloud Flow November 19, 2021 This post discusses the creation of Azure test virtual machines and assigning an allowed IP address as part of a Power Automate cloud flow. See Details Blog Image Automated Endpoint Evaluations – Part 2 October 07, 2021 This video discusses Optiv's creation of Azure Resource Groups and Security Groups as part of a Power Automate Cloud Flow. See Details Blog Image Microsoft 365 OAuth Device Code Flow and Phishing August 17, 2021 We leveraged Microsoft’s OAuth authorization flow for a phishing attack. Here’s step-by-step guidance on how to conduct it for security assessment. See Details Blog Image Automated Endpoint Evaluations – Part 1 August 12, 2021 Optiv researcher Dan Kiraly examines automated endpoint evaluations in the first technical video of a series. See Details Blog Image PetitPotam & Active Directory Certificate Services August 10, 2021 Multiple CVEs involving Active Directory Certificate Services and a new NTLM relay attack can be chained to compromise an Active Directory domain. See Details Blog Image Go365: Office 365 Password Spraying Tool June 17, 2021 Go365 performs user enumeration and password spraying attacks on organizations that use Office 365. See Details Blog Image Kubernetes Attack Surface June 17, 2021 Optiv highlights the attack strategy of using forged Kerberos tickets to compromise a domain, and provides ways to defend against it. See Details Blog Image Kerberos - A Domains Achille's Heel June 02, 2021 Optiv highlights the attack strategy of using forged Kerberos tickets to compromise a domain, and provides ways to defend against it. See Details Blog Image Phone-Pretexting - Mastering Social Engineering Savior-Faire May 27, 2021 I will discuss how to carry out phone pretexting calls for engagements, including how to begin reconnaissance, how to build a scenario, preparing for... See Details Video Pagination First page « First Previous page ‹ Previous Page 1 Page 2 Current page 3 Page 4 Page 5 Page 6 Page 7 Page 8 Page 9 Next page Next › Last page Last » Introducing Source Zero Our new technical cybersecurity thought leadership resource, Source Zero, focuses on red and blue team security capabilities, objective tools analysis, and more.
Image Cyber Operations Augmenting Russian Military Operations February 10, 2022 This advisory offers recommendations for organizations potentially affected by Russian state-sponsored activity in Ukraine. See Details Blog
Image ClassApps Inc. SelectSurvey.NET v5.0 Vulnerabilities Disclosure January 26, 2022 We identified Ivy framework fileless attack techniques that execute undetected in Microsoft Office. Here's how with suggested security augmentations. See Details Blog
Image Defeating EDRs with Office Products January 11, 2022 We identified Ivy framework fileless attack techniques that execute undetected in Microsoft Office. Here's how with suggested security augmentations. See Details Blog
Image Automated Endpoint Evaluations – Part 3 Creating Virtual Machines and Allowed IP Address Assignment as part of a Power Automate Cloud Flow November 19, 2021 This post discusses the creation of Azure test virtual machines and assigning an allowed IP address as part of a Power Automate cloud flow. See Details Blog
Image Automated Endpoint Evaluations – Part 2 October 07, 2021 This video discusses Optiv's creation of Azure Resource Groups and Security Groups as part of a Power Automate Cloud Flow. See Details Blog
Image Microsoft 365 OAuth Device Code Flow and Phishing August 17, 2021 We leveraged Microsoft’s OAuth authorization flow for a phishing attack. Here’s step-by-step guidance on how to conduct it for security assessment. See Details Blog
Image Automated Endpoint Evaluations – Part 1 August 12, 2021 Optiv researcher Dan Kiraly examines automated endpoint evaluations in the first technical video of a series. See Details Blog
Image PetitPotam & Active Directory Certificate Services August 10, 2021 Multiple CVEs involving Active Directory Certificate Services and a new NTLM relay attack can be chained to compromise an Active Directory domain. See Details Blog
Image Go365: Office 365 Password Spraying Tool June 17, 2021 Go365 performs user enumeration and password spraying attacks on organizations that use Office 365. See Details Blog
Image Kubernetes Attack Surface June 17, 2021 Optiv highlights the attack strategy of using forged Kerberos tickets to compromise a domain, and provides ways to defend against it. See Details Blog
Image Kerberos - A Domains Achille's Heel June 02, 2021 Optiv highlights the attack strategy of using forged Kerberos tickets to compromise a domain, and provides ways to defend against it. See Details Blog
Image Phone-Pretexting - Mastering Social Engineering Savior-Faire May 27, 2021 I will discuss how to carry out phone pretexting calls for engagements, including how to begin reconnaissance, how to build a scenario, preparing for... See Details Video