Executive Blog
Hear from security leaders at NetSPI as they explore the latest cybersecurity strategies and the most impactful trends affecting the industry today.
Our Favorite Picks
Penetration Testing for Compliance: Achieving SOC 2, PCI DSS, and HIPAA
Discover how penetration testing ensures compliance with SOC 2, PCI DSS, and HIPAA, safeguarding data, mitigating risks, and building trust in a data-driven world.
Ask These 5 AI Cybersecurity Questions for a More Secure Approach to Adversarial Machine Learning
These questions will kickstart your journey into Adversarial Machine Learning and AI security with key considerations from the start.
Annual Pentest? Done. How Proactive Security Covers the Other 50 Weeks in a Year
Explore proactive security from a CISO’s lens. Tim MalcomVetter and Aaron Shilts discuss shifting from point-in-time pentesting to proactive security.
Stay Ahead of Cloud Threats: Introducing Azure and AWS Security Reviews
Discover how NetSPI’s Azure & AWS Configuration Reviews provide continuous visibility, risk identification, and actionable insights to secure your cloud environments.
Ready for Red Teaming? How to Design Realistic, Intelligence-Driven Scenarios
By adopting an adversarial mindset, you can uncover the blind spots that automated scans often miss, shifting from a reactive stance to a proactive, battle-tested defense.
CVE-2026-1731 – BeyondTrust RCE Overview and Takeaways
Learn about CVE-2026-1731, a critical RCE vulnerability in BeyondTrust RS & PRA products. Discover its impact, affected versions, and remediation steps.
Ivanti Endpoint Manager Mobile (EPMM) [CVE-2026-1281 & CVE-2026-1340]: Overview & Takeaways
Ivanti has disclosed two critical zero‑day vulnerabilities affecting Ivanti Endpoint Manager Mobile (EPMM), tracked as CVE‑2026‑1281 and CVE‑2026‑1340. Both vulnerabilities have been exploited in active attacks and allow unauthenticated remote threat actors to compromise EPMM appliances.
Why Your Security Program Needs Domain Monitoring
NetSPI Domain Monitoring continuously discovers and assesses look-alike domains related to your organization, providing deep contextual intelligence including risk profiles, WHOIS records, IP details, DNS records, and certificate data. The NetSPI Platform streamlines response, enabling rapid action against high-risk domains.
Oracle WebLogic Server Proxy Plugin (CVE-2026-21962): Overview & Takeaways
CVE-2026-21962 allows an unauthenticated remote attacker to bypass security controls and potentially gain unauthorized access to backend WebLogic systems. Because these proxy plugins often sit in DMZ environments, the exposure is significant.
Tackling Technical Debt before It Owns Your Roadmap
Discover how prioritizing pentest findings and technical debt in Q1 can transform your security strategy. Read the article for actionable insights.
Webinar Recap: The AI Balancing Act: Benchmarking LLMs for Usability vs. Security
Explore how security teams balance usability and risk in LLMs, with insights on vulnerabilities, compliance, and a framework for effective AI benchmarking.
How Secure Are Your SaaS Applications? Pentesting for SaaS Providers
Proactive SaaS pentesting protects data, ensures compliance, and builds trust. Learn best practices for securing APIs and cloud apps.
NetSPI Celebrates Our 2025 Partners of the Year
Congratulations to NetSPI’s 2025 Partner of the Year Recipients Stratascale, Defy Security, VLCM, BlackLake Security, Consortium, Softcat, CDW UK, ConnexIT, and AWS.
When Your AI Provider Goes Bankrupt: 6 CISO Insights to Stay Ahead of AI Vendor Failure
AI vendor failure poses risks to data, security, and operations. Learn six CISO strategies to prepare for instability and protect your organisation effectively.
What Cybersecurity Actually Looks Like in 2026
Discover 2026’s top cybersecurity trends: AI, cloud, social engineering, and digital resilience. Stay ahead with a proactive security strategy.