New Feature: Verified Stolen Credential Detection
Looking back on identity attacks in 2024 and the evolution of attacker tooling and techniques.
Offensive security drives defensive security. We're sharing a collection of SaaS attack techniques to help defenders understand the threats they face. We’ve pulled together all the techniques we're aware of and added a bunch of new ones. Now updated for 2024!
In this guide on external phishing attacks via Slack, we'll show red teamers and pentesters how to get initial access as the first step in the attack kill chain.
How attackers are stealing your cookies and bypassing MFA.
Luke Jennings, VP R&D at Push Security, tears down popular AitM phishing kits to see what makes them so effective at getting through your defenses.
Phishing 2.0 – Detecting Evilginx, EvilnoVNC, Muraena and Modlishka
Snowflake: The tip of the iceberg – Three practical takeaways from the Snowflake incident.
Demonstrating ghost logins in Snowflake and how to remediate them.
The New SaaS Cyber Kill Chain: SO-CON 2024
Push CEO & co-founder Adam Bateman appeared on the RSnake show to discuss Push's browser-based ITDR product.
BlueHat 2023 - SaaS Cyber Kill Chain
Understanding the New SaaS Cyber Kill Chain
Shared Security - Compromising an Organization without Touching the Network
Pain in the SaaS
Push helped Convex Insurance enhance their identity security and gain control of shadow SaaS, closing a gap left by traditional CASB solutions.
Push helped Inductive find and secure shadow accounts and apps with high-fidelity data in a way that didn’t interfere with employees’ productivity.
Upvest partnered with Push to achieve a scalable and user-centric way to secure SaaS apps and reduce third-party risks across a complex ecosystem of integrations and apps.
