Bishop Fox
@bishopfox.bsky.social
A leading provider of #offensivesecurity solutions & contributor to the #infosec community. #pentesting #hacking
Pinned
Bishop Fox
@bishopfox.bsky.social
· Jan 28
Hello, Bluesky!
We’re Bishop Fox, leaders in offensive security for nearly 20 years. From pentesting to attack surface management with Cosmos, we help organizations stay ahead of attackers.
Follow us for insights, research, and cybersecurity updates!
#cybersecurity #offensivesecurity #pentesting
We’re Bishop Fox, leaders in offensive security for nearly 20 years. From pentesting to attack surface management with Cosmos, we help organizations stay ahead of attackers.
Follow us for insights, research, and cybersecurity updates!
#cybersecurity #offensivesecurity #pentesting
We’ll be at #BSidesATL Saturday, Nov 15 as a Silver Sponsor!
Come say hi at the Bishop Fox booth, meet the team, and talk all things offensive security.
KSU Center – Kennesaw, GA
Come say hi at the Bishop Fox booth, meet the team, and talk all things offensive security.
KSU Center – Kennesaw, GA
November 7, 2025 at 8:00 PM
We’ll be at #BSidesATL Saturday, Nov 15 as a Silver Sponsor!
Come say hi at the Bishop Fox booth, meet the team, and talk all things offensive security.
KSU Center – Kennesaw, GA
Come say hi at the Bishop Fox booth, meet the team, and talk all things offensive security.
KSU Center – Kennesaw, GA
Want to really understand LLM security?
Our latest blog breaks down the best Capture the Flag challenges for testing and defending large language models.
Full list: bishopfox.com/blog/ready-t...
Our latest blog breaks down the best Capture the Flag challenges for testing and defending large language models.
Full list: bishopfox.com/blog/ready-t...
November 6, 2025 at 9:49 PM
Want to really understand LLM security?
Our latest blog breaks down the best Capture the Flag challenges for testing and defending large language models.
Full list: bishopfox.com/blog/ready-t...
Our latest blog breaks down the best Capture the Flag challenges for testing and defending large language models.
Full list: bishopfox.com/blog/ready-t...
Definitely worth a listen. Two great minds in cybersec!
Matt Johansen: Vulnerability and Mental Health in Cybersecurity.
Matt Johansen: Vulnerability and Mental Health in Cybersecurity. - Phillip Wylie
About the Guest: Matt Johanson, known as Matt J, is a seasoned cybersecurity professional and an active content creator within the industry. With a rich background that spans across various facets of cybersecurity, Matt’s expertise ranges from practical experience in offensive security to leadership roles in software security. His journey began with computer programming in…
thehackermaker.com
November 5, 2025 at 9:07 PM
Definitely worth a listen. Two great minds in cybersec!
Happening tomorrow at OWASP Global AppSec in DC:
Senior Security Consultant Nick Cerne will present “Peeling Back the Plastic: Finding 0-Days in IoT Devices.”
And join us Friday night at Flight Club for drinks, darts, and good times!
Nov. 6-7 | Washington, D.C.
RSVP: partiful.com/e/otaKEF0mqB...
Senior Security Consultant Nick Cerne will present “Peeling Back the Plastic: Finding 0-Days in IoT Devices.”
And join us Friday night at Flight Club for drinks, darts, and good times!
Nov. 6-7 | Washington, D.C.
RSVP: partiful.com/e/otaKEF0mqB...
November 5, 2025 at 7:23 PM
Happening tomorrow at OWASP Global AppSec in DC:
Senior Security Consultant Nick Cerne will present “Peeling Back the Plastic: Finding 0-Days in IoT Devices.”
And join us Friday night at Flight Club for drinks, darts, and good times!
Nov. 6-7 | Washington, D.C.
RSVP: partiful.com/e/otaKEF0mqB...
Senior Security Consultant Nick Cerne will present “Peeling Back the Plastic: Finding 0-Days in IoT Devices.”
And join us Friday night at Flight Club for drinks, darts, and good times!
Nov. 6-7 | Washington, D.C.
RSVP: partiful.com/e/otaKEF0mqB...
New from Bishop Fox: Burp Variables, a Burp Suite extension that automates variable handling.
Define once. Reuse everywhere. No more manual token edits!
bishopfox.com/blog/burp-va...
Define once. Reuse everywhere. No more manual token edits!
bishopfox.com/blog/burp-va...
October 16, 2025 at 3:46 PM
New from Bishop Fox: Burp Variables, a Burp Suite extension that automates variable handling.
Define once. Reuse everywhere. No more manual token edits!
bishopfox.com/blog/burp-va...
Define once. Reuse everywhere. No more manual token edits!
bishopfox.com/blog/burp-va...
Tomorrow @ 2 EDT: Demystifying 5G Security w/ Drew Jones.
Real-world tactics for testing & defending 5G networks.
Save your seat: bishopfox.com/resources/5g...
Real-world tactics for testing & defending 5G networks.
Save your seat: bishopfox.com/resources/5g...
October 15, 2025 at 8:32 PM
Tomorrow @ 2 EDT: Demystifying 5G Security w/ Drew Jones.
Real-world tactics for testing & defending 5G networks.
Save your seat: bishopfox.com/resources/5g...
Real-world tactics for testing & defending 5G networks.
Save your seat: bishopfox.com/resources/5g...
Working on DORA compliance?
Bishop Fox’s FAQ guide breaks down Threat-Led Pen Testing from planning to reporting.
bishopfox.com/resources/gu...
#DORA #TLPT
Bishop Fox’s FAQ guide breaks down Threat-Led Pen Testing from planning to reporting.
bishopfox.com/resources/gu...
#DORA #TLPT
October 14, 2025 at 4:04 PM
Working on DORA compliance?
Bishop Fox’s FAQ guide breaks down Threat-Led Pen Testing from planning to reporting.
bishopfox.com/resources/gu...
#DORA #TLPT
Bishop Fox’s FAQ guide breaks down Threat-Led Pen Testing from planning to reporting.
bishopfox.com/resources/gu...
#DORA #TLPT
A $20 smart device. A curious researcher.
Bishop Fox’s Nick Cerne found some new vulnerabilities that could literally open your front door.
Read his story → bishopfox.com/blog/how-a-2...
#IoTSecurity
Bishop Fox’s Nick Cerne found some new vulnerabilities that could literally open your front door.
Read his story → bishopfox.com/blog/how-a-2...
#IoTSecurity
October 10, 2025 at 7:48 PM
A $20 smart device. A curious researcher.
Bishop Fox’s Nick Cerne found some new vulnerabilities that could literally open your front door.
Read his story → bishopfox.com/blog/how-a-2...
#IoTSecurity
Bishop Fox’s Nick Cerne found some new vulnerabilities that could literally open your front door.
Read his story → bishopfox.com/blog/how-a-2...
#IoTSecurity
🚨 New Bishop Fox advisory: YoSmart YoLink Hub (v0382) found vulnerable.
Attackers could:
• Remotely control devices
• Intercept traffic
• Hijack sessions
Details: bishopfox.com/blog/yosmart...
Attackers could:
• Remotely control devices
• Intercept traffic
• Hijack sessions
Details: bishopfox.com/blog/yosmart...
Yolink Hub — VERSION 382 — SUMMARY
The following document describes identified vulnerabilities in the YoLink Hub smart device version 0382.
bishopfox.com
October 2, 2025 at 8:12 PM
🚨 New Bishop Fox advisory: YoSmart YoLink Hub (v0382) found vulnerable.
Attackers could:
• Remotely control devices
• Intercept traffic
• Hijack sessions
Details: bishopfox.com/blog/yosmart...
Attackers could:
• Remotely control devices
• Intercept traffic
• Hijack sessions
Details: bishopfox.com/blog/yosmart...
We’re live with cloud expert Mitchell Sperling talking CloudFox!
Join here: bishopfox.com/resources/cl...
Join here: bishopfox.com/resources/cl...
October 1, 2025 at 6:05 PM
We’re live with cloud expert Mitchell Sperling talking CloudFox!
Join here: bishopfox.com/resources/cl...
Join here: bishopfox.com/resources/cl...
Cloud enumeration is messy. CloudFox makes it manageable.
Join Senior Security Consultant Mitchell Sperling for a hands-on workshop:
📅 Oct 1 | 🕑 2 p.m. EDT / 7 p.m. BST
Learn how to find real attack paths in cloud pen tests.
Save your seat: bishopfox.com/resources/cl...
Join Senior Security Consultant Mitchell Sperling for a hands-on workshop:
📅 Oct 1 | 🕑 2 p.m. EDT / 7 p.m. BST
Learn how to find real attack paths in cloud pen tests.
Save your seat: bishopfox.com/resources/cl...
September 29, 2025 at 6:04 PM
Cloud enumeration is messy. CloudFox makes it manageable.
Join Senior Security Consultant Mitchell Sperling for a hands-on workshop:
📅 Oct 1 | 🕑 2 p.m. EDT / 7 p.m. BST
Learn how to find real attack paths in cloud pen tests.
Save your seat: bishopfox.com/resources/cl...
Join Senior Security Consultant Mitchell Sperling for a hands-on workshop:
📅 Oct 1 | 🕑 2 p.m. EDT / 7 p.m. BST
Learn how to find real attack paths in cloud pen tests.
Save your seat: bishopfox.com/resources/cl...
We’re proud to sponsor Hacker Halted 2025 + the Global CISO Forum (Oct 1–2, Atlanta).
We have a limited number of VIP badges to share — if you’re interested in attending, reach out to our team.
Details: www.linkedin.com/posts/ec-cou...
We have a limited number of VIP badges to share — if you’re interested in attending, reach out to our team.
Details: www.linkedin.com/posts/ec-cou...
#hackerhalted #globalcisoforum #cybersecurity #thankyousponsors #cyberleadership #cisoforum2025 | EC-Council
🎉 𝗔 𝗛𝘂𝗴𝗲 𝗧𝗵𝗮𝗻𝗸 𝗬𝗼𝘂 𝘁𝗼 𝗢𝘂𝗿 𝟮𝟬𝟮𝟱 𝗦𝗽𝗼𝗻𝘀𝗼𝗿𝘀! 🎉
As we gear up for Hacker Halted Cybersecurity Conference and the Global CISO Forum this October in Atlanta, we want to extend our deepest gratitude to the i...
www.linkedin.com
September 29, 2025 at 1:56 PM
We’re proud to sponsor Hacker Halted 2025 + the Global CISO Forum (Oct 1–2, Atlanta).
We have a limited number of VIP badges to share — if you’re interested in attending, reach out to our team.
Details: www.linkedin.com/posts/ec-cou...
We have a limited number of VIP badges to share — if you’re interested in attending, reach out to our team.
Details: www.linkedin.com/posts/ec-cou...
SecDSM October Meetup 🎃
📅 Thu, Oct 2 @ 6 PM
📍 Foundry Distillery, West Des Moines
Costume contest, scavenger hunt, spooky CTF, trivia & prizes (yes, whiskey!). Bishop Fox is proud to sponsor.
Details: bishopfox.com/events/secds...
📅 Thu, Oct 2 @ 6 PM
📍 Foundry Distillery, West Des Moines
Costume contest, scavenger hunt, spooky CTF, trivia & prizes (yes, whiskey!). Bishop Fox is proud to sponsor.
Details: bishopfox.com/events/secds...
September 26, 2025 at 6:26 PM
SecDSM October Meetup 🎃
📅 Thu, Oct 2 @ 6 PM
📍 Foundry Distillery, West Des Moines
Costume contest, scavenger hunt, spooky CTF, trivia & prizes (yes, whiskey!). Bishop Fox is proud to sponsor.
Details: bishopfox.com/events/secds...
📅 Thu, Oct 2 @ 6 PM
📍 Foundry Distillery, West Des Moines
Costume contest, scavenger hunt, spooky CTF, trivia & prizes (yes, whiskey!). Bishop Fox is proud to sponsor.
Details: bishopfox.com/events/secds...
CHOTINER: You believe AI alone will solve cybersecurity?
EVANGELIST: Yes, it will eventually detect everything.
CHOTINER: Including attacks run by other AI?
EVANGELIST: Well… yes, AI learns.
CHOTINER: So you’re building the attack and the defense simultaneously.
EVANGELIST: Now wait a minute-
EVANGELIST: Yes, it will eventually detect everything.
CHOTINER: Including attacks run by other AI?
EVANGELIST: Well… yes, AI learns.
CHOTINER: So you’re building the attack and the defense simultaneously.
EVANGELIST: Now wait a minute-
September 25, 2025 at 6:55 PM
CHOTINER: You believe AI alone will solve cybersecurity?
EVANGELIST: Yes, it will eventually detect everything.
CHOTINER: Including attacks run by other AI?
EVANGELIST: Well… yes, AI learns.
CHOTINER: So you’re building the attack and the defense simultaneously.
EVANGELIST: Now wait a minute-
EVANGELIST: Yes, it will eventually detect everything.
CHOTINER: Including attacks run by other AI?
EVANGELIST: Well… yes, AI learns.
CHOTINER: So you’re building the attack and the defense simultaneously.
EVANGELIST: Now wait a minute-
Think your OAuth tokens may be compromised?
Here’s what AppOmni CTO Brian Soby says you should do first:
Here’s what AppOmni CTO Brian Soby says you should do first:
September 25, 2025 at 6:36 PM
Think your OAuth tokens may be compromised?
Here’s what AppOmni CTO Brian Soby says you should do first:
Here’s what AppOmni CTO Brian Soby says you should do first:
When your SaaS vendor gets breached, it can break your whole business.
AppOmni’s CTO Brian Soby explains how a single compromise can ripple through disconnected tools, board reporting, and day-to-day ops.
Full chat with Bishop Fox CISO Christie Terrill:
bishopfox.com/resources/sa...
AppOmni’s CTO Brian Soby explains how a single compromise can ripple through disconnected tools, board reporting, and day-to-day ops.
Full chat with Bishop Fox CISO Christie Terrill:
bishopfox.com/resources/sa...
September 19, 2025 at 6:47 PM
When your SaaS vendor gets breached, it can break your whole business.
AppOmni’s CTO Brian Soby explains how a single compromise can ripple through disconnected tools, board reporting, and day-to-day ops.
Full chat with Bishop Fox CISO Christie Terrill:
bishopfox.com/resources/sa...
AppOmni’s CTO Brian Soby explains how a single compromise can ripple through disconnected tools, board reporting, and day-to-day ops.
Full chat with Bishop Fox CISO Christie Terrill:
bishopfox.com/resources/sa...
“There’s a war out there… and it’s not about bullets. It’s about who controls the information.” – Marty Bishop, Sneakers
RIP Robert Redford. Your character inspired the name Bishop Fox and our mission to keep people safe, online and off.
Always a Sneaker.
RIP Robert Redford. Your character inspired the name Bishop Fox and our mission to keep people safe, online and off.
Always a Sneaker.
September 16, 2025 at 4:56 PM
“There’s a war out there… and it’s not about bullets. It’s about who controls the information.” – Marty Bishop, Sneakers
RIP Robert Redford. Your character inspired the name Bishop Fox and our mission to keep people safe, online and off.
Always a Sneaker.
RIP Robert Redford. Your character inspired the name Bishop Fox and our mission to keep people safe, online and off.
Always a Sneaker.
Red Teaming validates controls, trains defenders, and gets everyone from SOC to the board on the same page.
bishopfox.com/blog/top-rea...
bishopfox.com/blog/top-rea...
The Top Reasons Security Leaders Choose Red Teaming
Leaders are turning to red teaming to test defenses against real-world adversaries discover why this strategy is becoming a must-have for cyber resilience.
bishopfox.com
September 8, 2025 at 6:24 PM
Red Teaming validates controls, trains defenders, and gets everyone from SOC to the board on the same page.
bishopfox.com/blog/top-rea...
bishopfox.com/blog/top-rea...
Senior Security Consultant Drew Jones dug into the 5G registration protocol and found that early connection messages aren’t encrypted, identifier privacy can break down, and devices still request null encryption: bishopfox.com/blog/demysti...
September 5, 2025 at 8:13 PM
Senior Security Consultant Drew Jones dug into the 5G registration protocol and found that early connection messages aren’t encrypted, identifier privacy can break down, and devices still request null encryption: bishopfox.com/blog/demysti...
Red Teaming only works if you’re ready for it.
This free Red Team Readiness Guide helps you align stakeholders, clarify goals, and avoid planning pitfalls.
Get it here → bishopfox.com/resources/re...
This free Red Team Readiness Guide helps you align stakeholders, clarify goals, and avoid planning pitfalls.
Get it here → bishopfox.com/resources/re...
Red Team Readiness Guide: Plan, Align, and Execute Successful…
Download our framework for planning red team operations. Learn how to align stakeholders, set objectives, and evaluate readiness before launching your red…
bishopfox.com
September 3, 2025 at 8:29 PM
Red Teaming only works if you’re ready for it.
This free Red Team Readiness Guide helps you align stakeholders, clarify goals, and avoid planning pitfalls.
Get it here → bishopfox.com/resources/re...
This free Red Team Readiness Guide helps you align stakeholders, clarify goals, and avoid planning pitfalls.
Get it here → bishopfox.com/resources/re...
Some say there’s a cybersecurity talent shortage.
But ask the thousands of grads and self-taught hackers who can’t land an entry-level role and you’ll hear a different story.
In her latest blog, @alethe.bsky.social breaks down the paradox: bishopfox.com/blog/talent-...
But ask the thousands of grads and self-taught hackers who can’t land an entry-level role and you’ll hear a different story.
In her latest blog, @alethe.bsky.social breaks down the paradox: bishopfox.com/blog/talent-...
August 28, 2025 at 7:13 PM
Some say there’s a cybersecurity talent shortage.
But ask the thousands of grads and self-taught hackers who can’t land an entry-level role and you’ll hear a different story.
In her latest blog, @alethe.bsky.social breaks down the paradox: bishopfox.com/blog/talent-...
But ask the thousands of grads and self-taught hackers who can’t land an entry-level role and you’ll hear a different story.
In her latest blog, @alethe.bsky.social breaks down the paradox: bishopfox.com/blog/talent-...
Systems get patched. If only people did...
Catch @alethe.bsky.social at #IAFCI International Training Conference breaking down the social engineering tricks driving modern financial crime: deepfakes, vishing, insider ops + more.
OKC | Aug 28 | 2:25 p.m.
Catch @alethe.bsky.social at #IAFCI International Training Conference breaking down the social engineering tricks driving modern financial crime: deepfakes, vishing, insider ops + more.
OKC | Aug 28 | 2:25 p.m.
August 25, 2025 at 3:12 PM
Systems get patched. If only people did...
Catch @alethe.bsky.social at #IAFCI International Training Conference breaking down the social engineering tricks driving modern financial crime: deepfakes, vishing, insider ops + more.
OKC | Aug 28 | 2:25 p.m.
Catch @alethe.bsky.social at #IAFCI International Training Conference breaking down the social engineering tricks driving modern financial crime: deepfakes, vishing, insider ops + more.
OKC | Aug 28 | 2:25 p.m.
🚨 We're live! 🚨
The battlefront of offensive AI is here.
Hear real-world stories, lessons, and strategies from the front lines. Happening right now!
bishopfox.com/resources/ai...
The battlefront of offensive AI is here.
Hear real-world stories, lessons, and strategies from the front lines. Happening right now!
bishopfox.com/resources/ai...
August 20, 2025 at 6:01 PM
🚨 We're live! 🚨
The battlefront of offensive AI is here.
Hear real-world stories, lessons, and strategies from the front lines. Happening right now!
bishopfox.com/resources/ai...
The battlefront of offensive AI is here.
Hear real-world stories, lessons, and strategies from the front lines. Happening right now!
bishopfox.com/resources/ai...
Cloud enumeration can eat up your whole day.
Spend ~60 minutes with us and we’ll fix that.
Live Discord Workshop with Mitchell Sperling on CloudFox - Aug 21: bishopfox.com/resources/cl...
Spend ~60 minutes with us and we’ll fix that.
Live Discord Workshop with Mitchell Sperling on CloudFox - Aug 21: bishopfox.com/resources/cl...
August 19, 2025 at 3:25 PM
Cloud enumeration can eat up your whole day.
Spend ~60 minutes with us and we’ll fix that.
Live Discord Workshop with Mitchell Sperling on CloudFox - Aug 21: bishopfox.com/resources/cl...
Spend ~60 minutes with us and we’ll fix that.
Live Discord Workshop with Mitchell Sperling on CloudFox - Aug 21: bishopfox.com/resources/cl...
If you build, deploy, or secure AI, this is your blueprint for stopping silent failures before they turn into breaches.
On Aug 20, Jessica Stinson shares AI War Stories: Silent Failures, Real Consequences.
Save your spot: bishopfox.com/resources/ai...
On Aug 20, Jessica Stinson shares AI War Stories: Silent Failures, Real Consequences.
Save your spot: bishopfox.com/resources/ai...
August 8, 2025 at 8:22 PM
If you build, deploy, or secure AI, this is your blueprint for stopping silent failures before they turn into breaches.
On Aug 20, Jessica Stinson shares AI War Stories: Silent Failures, Real Consequences.
Save your spot: bishopfox.com/resources/ai...
On Aug 20, Jessica Stinson shares AI War Stories: Silent Failures, Real Consequences.
Save your spot: bishopfox.com/resources/ai...