Every Solution You Can Imagine – and More
What cybersecurity solution do you need? From Zero Trust to ADR, IAM, risk/privacy, data protection, AppSec and threat, securing digital transformation, to resiliency and remediation, we can build the right program to help solve your challenges.
A Single Partner for Everything You Need
Optiv works with more than 450 world-class security technology partners. By putting you at the center of our unmatched ecosystem of people, products, partners and programs, we accelerate business progress like no other company can.
We Are Optiv
Greatness is every team working toward a common goal. Winning in spite of cyber threats and overcoming challenges in spite of them. It’s building for a future that only you can create or simply coming home in time for dinner.
However you define greatness, Optiv is in your corner. We manage cyber risk so you can secure your full potential.
Up-to-date information and research on red and blue
team security capabilities, objective tools analysis, new
research and step-by-step solutions.
The Source Zero® platform is a community of Optiv’s skilled individuals doing research and sharing their expertise. The Source Zero Tools are resources that provide actionable support and demonstrations around research initiatives.
2022 Source Zero Con Videos
View the 2022 Source Zero Con Content On-Demand.
March 24, 2021
Firefox’s appsec add-ons make it a useful tool for new pen testers who can’t afford professional tools.
March 22, 2021
MobileIron MDM exposes account enumeration and SFA to unauthenticated attacks. This analysis details how to mitigate this vulnerability.
March 18, 2021
Given Office product functionality, it’s possible for adversaries to leverage Outlook's COM interface in attacks for extended persistence.
February 17, 2021
Captcha images don’t provide robust protection as a primary security control. This analysis explores how to prevent automated (bot) attacks.
February 03, 2021
Even when the hooks are removed, defenders can still leverage other EDR functions, such as host isolation for incident triage or remote.
February 02, 2021
This post identifies systemic endpoint detection and response issues and examines how attackers can bypass any EDR product.
February 01, 2021
Toolsets have evolved for high-fidelity forensics and investigations – here we map them to the MITRE ATT&CK framework for Enterprise Cloud.
December 11, 2020
Our team describes how single-factor authentication attack surfaces can be exposed in the AirWatch MDM suite and what steps to take to mitigate risks.
November 05, 2020
A security vulnerability has been found in the Black Duck Hub REST API Python project (“blackduck” in the PyPI repository). Read more.
November 04, 2020
How to copy updated WinAutomation databases for RPA with Azure custom script extensions – part five of a series.
Part four in the series: setting up RPA with WinAutomation.
How to use Power Automate flows and Azure runbooks to tear down Azure resources and reply to emails – Dan Kiraly explains in part 7 of the series.
Introducing Source Zero
Our new technical cybersecurity thought leadership resource, Source Zero, focuses on red and blue team security capabilities, objective tools analysis, and more.