Offensivesecurity

A Sage 300 Case Study
22 min read

A Sage 300 Case Study

In modern cyberattacks, threat actors will often begin their attacks against enterprises by obtaining low-privileged access to a single system in the...

Read More >
Control Gap Vulnerability Roundup: July 1st to 8th
3 min read

Control Gap Vulnerability Roundup: July 1st to 8th

This week saw the publication of 330 new CVE IDs. Of those, 296 have not yet been assigned official CVSS scores, however, of the ones that were,...

Read More >
Our Offensive Security Hiring Process
2 min read

Our Offensive Security Hiring Process

Control Gap is expanding our Offensive Security team and looking for talented individuals. To ensure that we have the right team, we needed a better...

Read More >
The MS Exchange - World-Wide Exploitation | blog,zeroday,offensivesecurity | Control Gap
2 min read

The MS Exchange - World-Wide Exploitation | blog,zeroday,offensivesecurity | Control Gap

For organizations running on-premise Microsoft Exchange servers, we want to make you aware of four severe zero-day vulnerabilities announced on...

Read More >
LLMNR / NBT-NS: You’re Poison!
4 min read

LLMNR / NBT-NS: You’re Poison!

Attention Windows sysadmins: search for "LLMNR" and once you've finished panicking, then get that nonsense disabled.

Read More >
The 3 Approaches to Penetration Testing for PCI DSS | blog | Control Gap
4 min read

The 3 Approaches to Penetration Testing for PCI DSS | blog | Control Gap

Understanding PCI DSS requirements in depth can often be confusing and frustrating. The requirements covering penetration testing, PCI DSS 11.3, are...

Read More >