Every Solution You Can Imagine – and More What cybersecurity solution do you need? From Zero Trust to ADR, IAM, risk/privacy, data protection, AppSec and threat, securing digital transformation, to resiliency and remediation, we can build the right program to help solve your challenges.
A Single Partner for Everything You Need Optiv works with more than 450 world-class security technology partners. By putting you at the center of our unmatched ecosystem of people, products, partners and programs, we accelerate business progress like no other company can.
We Are Optiv Greatness is every team working toward a common goal. Winning in spite of cyber threats and overcoming challenges in spite of them. It’s building for a future that only you can create or simply coming home in time for dinner. However you define greatness, Optiv is in your corner. We manage cyber risk so you can secure your full potential.
Image Up-to-date information and research on red and blue team security capabilities, objective tools analysis, new research and step-by-step solutions. The Source Zero® platform is a community of Optiv’s skilled individuals doing research and sharing their expertise. The Source Zero Tools are resources that provide actionable support and demonstrations around research initiatives. Image 2022 Source Zero Con Videos View the 2022 Source Zero Con Content On-Demand. Visit Source Zero 2022 Search Terms Type - Any -BlogToolVideo Team - Any -RedBluePurple/No Team Sort By LatestOldest Image Firefox Addons For Application Security Testing March 24, 2021 Firefox’s appsec add-ons make it a useful tool for new pen testers who can’t afford professional tools. See Details Blog Image MobileIron MDM Contains Static Key Allowing Account Enumeration March 22, 2021 MobileIron MDM exposes account enumeration and SFA to unauthenticated attacks. This analysis details how to mitigate this vulnerability. See Details Blog Image BadOutlook for C2 March 18, 2021 Given Office product functionality, it’s possible for adversaries to leverage Outlook's COM interface in attacks for extended persistence. See Details Blog Image Automating Captcha Attacks February 17, 2021 Captcha images don’t provide robust protection as a primary security control. This analysis explores how to prevent automated (bot) attacks. See Details Blog Image EDR and Blending In: How Attackers Avoid Getting Caught February 03, 2021 Even when the hooks are removed, defenders can still leverage other EDR functions, such as host isolation for incident triage or remote. See Details Blog Image Endpoint Detection and Response: How Hackers Have Evolved February 02, 2021 This post identifies systemic endpoint detection and response issues and examines how attackers can bypass any EDR product. See Details Blog Image The Evolution of Cloud Forensics and Incident Response February 01, 2021 Toolsets have evolved for high-fidelity forensics and investigations – here we map them to the MITRE ATT&CK framework for Enterprise Cloud. See Details Blog Image Abusing AirWatch MDM Services to Bypass MFA December 11, 2020 Our team describes how single-factor authentication attack surfaces can be exposed in the AirWatch MDM suite and what steps to take to mitigate risks. See Details Blog Image Certificate Validation Disabled in Black Duck API Wrapper November 05, 2020 A security vulnerability has been found in the Black Duck Hub REST API Python project (“blackduck” in the PyPI repository). Read more. See Details Blog Image Copying Updated WinAutomation Databases for RPA With Azure Custom Script Extensions November 04, 2020 How to copy updated WinAutomation databases for RPA with Azure custom script extensions – part five of a series. See Details Blog Image Robotic Process Automation with WinAutomation November 04, 2020 Part four in the series: setting up RPA with WinAutomation. See Details Blog Image Tearing Down Azure Resources and Replying to Emails Using Power Automate Flows and Azure Runbooks November 04, 2020 How to use Power Automate flows and Azure runbooks to tear down Azure resources and reply to emails – Dan Kiraly explains in part 7 of the series. See Details Blog Pagination First page « First Previous page ‹ Previous Page 1 Page 2 Page 3 Current page 4 Page 5 Page 6 Next page Next › Last page Last » Introducing Source Zero Our new technical cybersecurity thought leadership resource, Source Zero, focuses on red and blue team security capabilities, objective tools analysis, and more.
Image Firefox Addons For Application Security Testing March 24, 2021 Firefox’s appsec add-ons make it a useful tool for new pen testers who can’t afford professional tools. See Details Blog
Image MobileIron MDM Contains Static Key Allowing Account Enumeration March 22, 2021 MobileIron MDM exposes account enumeration and SFA to unauthenticated attacks. This analysis details how to mitigate this vulnerability. See Details Blog
Image BadOutlook for C2 March 18, 2021 Given Office product functionality, it’s possible for adversaries to leverage Outlook's COM interface in attacks for extended persistence. See Details Blog
Image Automating Captcha Attacks February 17, 2021 Captcha images don’t provide robust protection as a primary security control. This analysis explores how to prevent automated (bot) attacks. See Details Blog
Image EDR and Blending In: How Attackers Avoid Getting Caught February 03, 2021 Even when the hooks are removed, defenders can still leverage other EDR functions, such as host isolation for incident triage or remote. See Details Blog
Image Endpoint Detection and Response: How Hackers Have Evolved February 02, 2021 This post identifies systemic endpoint detection and response issues and examines how attackers can bypass any EDR product. See Details Blog
Image The Evolution of Cloud Forensics and Incident Response February 01, 2021 Toolsets have evolved for high-fidelity forensics and investigations – here we map them to the MITRE ATT&CK framework for Enterprise Cloud. See Details Blog
Image Abusing AirWatch MDM Services to Bypass MFA December 11, 2020 Our team describes how single-factor authentication attack surfaces can be exposed in the AirWatch MDM suite and what steps to take to mitigate risks. See Details Blog
Image Certificate Validation Disabled in Black Duck API Wrapper November 05, 2020 A security vulnerability has been found in the Black Duck Hub REST API Python project (“blackduck” in the PyPI repository). Read more. See Details Blog
Image Copying Updated WinAutomation Databases for RPA With Azure Custom Script Extensions November 04, 2020 How to copy updated WinAutomation databases for RPA with Azure custom script extensions – part five of a series. See Details Blog
Image Robotic Process Automation with WinAutomation November 04, 2020 Part four in the series: setting up RPA with WinAutomation. See Details Blog
Image Tearing Down Azure Resources and Replying to Emails Using Power Automate Flows and Azure Runbooks November 04, 2020 How to use Power Automate flows and Azure runbooks to tear down Azure resources and reply to emails – Dan Kiraly explains in part 7 of the series. See Details Blog