Executive Blog
Hear from security leaders at NetSPI as they explore the latest cybersecurity strategies and the most impactful trends affecting the industry today.
Our Favorite Picks
Penetration Testing for Compliance: Achieving SOC 2, PCI DSS, and HIPAA
Discover how penetration testing ensures compliance with SOC 2, PCI DSS, and HIPAA, safeguarding data, mitigating risks, and building trust in a data-driven world.
Ask These 5 AI Cybersecurity Questions for a More Secure Approach to Adversarial Machine Learning
These questions will kickstart your journey into Adversarial Machine Learning and AI security with key considerations from the start.
Annual Pentest? Done. How Proactive Security Covers the Other 50 Weeks in a Year
Explore proactive security from a CISO’s lens. Tim MalcomVetter and Aaron Shilts discuss shifting from point-in-time pentesting to proactive security.
Q1 2026 Critical Vulnerability Roundup: Mitigating Risk
Discover the top critical vulnerabilities of 2026 identified by Team NetSPI and learn how proactive security measures can protect your strategic business initiatives.
Anthropic’s Mythos Announcement: What it Means for Security Teams
Anthropic’s Mythos accelerates automated vulnerability discovery. Read how to mitigate risk with custom benchmarks and human verification in your workflows.
Regulatory-Ready Security: Ensuring FCC Compliance for Routers
Last week, the FCC released a major update to the “Covered List,” officially adding foreign-produced consumer-grade routers to the registry of equipment deemed a threat to national security. This declaration was due in part to the discovery of backdoors in select routers that used standard apps in an attack chain to create a backdoor into seemingly protected networks.
CVE-2026-35616 & CVE-2026-21643 – Fortinet FortiClientEMS: Overview & Takeaways
Fortinet has disclosed two critical vulnerabilities in FortiClient Endpoint Management Server (EMS) that are both under active exploitation in the wild.
AI Fools Week: Don’t Let AI Fool Your Pentesting Strategy
AI is transforming penetration testing. It promises speed, scale, and automation. But here is the catch. When used in isolation, AI can create a false sense of security. And that is no joke. A modern approach to pentesting requires balance, combining the efficiency of AI with the expertise of human testers. Without that balance, organizations risk missing what matters most.
LiteLLM Supply Chain Compromise
A supply chain attack compromised LiteLLM versions 1.82.7 and 1.82.8 on PyPI, exfiltrating credentials and secrets to an attacker-controlled server.
Meet NetSPI’s Modern Pentesting Experience: Use Case-Driven, AI-Accelerated
The new NetSPI experience represents the next evolution of pentesting—smarter, faster, and designed for scale.
Forrester Recognizes NetSPI in Proactive Security Landscape Report
NetSPI has been recognized among Notable Vendors in the Forrester Proactive Security Platforms Landscape, Q1 2026. Learn how we unify ASM, VRM, and pentesting.
CVE-2025-26399 SolarWinds Web Help Desk Overview and Takeaways
A critical vulnerability (CVE-2025-26399) has been identified in SolarWinds Web Help Desk that allows unauthenticated remote attackers to execute arbitrary code on affected systems. Although CVE-2025-26399 was originally disclosed in 2025, recent reports confirm this vulnerability is now being actively exploited in the wild.
NetSPI Recognized for Second Consecutive Year by GigaOm
For the second consecutive year, NetSPI has been recognized in the GigaOm Radar Report for Attack Surface Management.
CVE-2026-20127 – Cisco Catalyst SD-WAN Controller and Manager Authentication Bypass Overview & Takeaways
A critical authentication bypass vulnerability (CVE-2026-20127) has been identified in Cisco Catalyst SD-WAN Controller and Manager. This flaw allows unauthenticated, remote attackers to gain administrative privileges on affected systems. Exploitation in the wild has been confirmed, and immediate action is required to mitigate risk.
Stay Ahead of Cloud Threats: Introducing Azure and AWS Security Reviews
Discover how NetSPI’s Azure & AWS Configuration Reviews provide continuous visibility, risk identification, and actionable insights to secure your cloud environments.