Introduction When enterprise software gets old, should we consider it tried-and-true, or decrepit and a threat, like the superglue holding the soles of my running shoes together? Old software that’s been humming around in the background hasn’t necessarily broken, but that doesn’t mean that you can necessarily trust it; in fact there should be a […]
Since GRIMM’s inception, our dedicated teams have helped build confidence in clients’ underlying security posture — largely through demonstrating the business impact of vulnerable systems during client engagements. GRIMM teams have covered functional areas in Application Security, Cyber-Physical (aka CyPhy), Tailored Software, Training, and CISO-level consulting. Many of GRIMM’s client engagements include an element of
The SCYTHE team is excited to announce that our latest release gives you the power of Atomic Red Team with all the automation and ease of use of the SCYTHE platform. Plus, you can now create and share your own SCYTHE threats allowing the ecosystem of adversary simulation to expand via the community! What’s new in version 2.4? Signature
Many of the conveniences brought via modern tools, operating systems, and applications also bring means for an adversary to execute actions while under the guise of a valid service. This is seen distinctly in the increased use of Fileless Malware. Fileless Malware can be broadly defined as execution of malicious instructions in memory with no
Paintball with a purpose. That was the theme for the 6th Annual Purple Event, hosted by the West Michigan Cyber Security Consortium (WMCSC) on October 10th at the West Michigan Center for Arts and Technology (WMCAT) facility. A purple-team cyber competition is unique in that it consists of teams made up of five offensive (red) and five
When I started GRIMM, I had a vision to tackle the greatest cybersecurity challenges that face our clients, industry and the greater business and government communities. Two and a half years ago, one of those challenges was brought to the company because of our reputation. A Fortune 50 company had been breached and suffered significant damages.
The void in the cybersecurity workforce is compounding the level of risk faced by enterprises. The global shortage of skilled security workers could reach 1.8 million in the next five years according to the Center for Cyber Safety and Education. Contrast this with plans to boost security teams hiring by at least 15 percent in the