Tech Library is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


Bishop Fox

Bishop Fox is the leading authority in offensive security, providing solutions ranging from continuous penetration testing, red teaming, and attack surface management to product, cloud, and application security assessments. We've worked with more than 25% of the Fortune 100, half of the Fortune 10, eight of the top 10 global technology companies, and all of the top global media companies to improve their security. Our Cosmos platform was named Best Emerging Technology in the 2021 SC Media Awards and our offerings are consistently ranked as "world class" in customer experience surveys. We're an active participant in the security community and have published more than 16 open source tools and 50 security advisories in the last five years. Learn more at or follow us on Twitter.

Our Website:

Latest Content From Bishop Fox

E-Book: The Wolf in Sheep's Clothing: How Low-Risk Exposures Lead to Destructive Attacks

by Bishop FoxJun 15, 2022

While high-profile exposures make headlines, the biggest risks are often vulnerabilities that are much less glamorous but much easier to exploit, offering useful footholds for attackers.

In this eBook, we explore:

  • Commonly observed low-risk exposures and how they lead to destructive attacks
  • Examples of exposures found in real-world environments
  • How attack surface management and continuous pen testing can help you uncover, assess, prioritize, and remediate these types of "innocuous" exposures

E-Book: The Offensive Security Guide to Ransomware Readiness

by Bishop FoxJun 15, 2022

Ransomware attacks can derail business operations for companies big and small, and technology alone can't prevent these attacks. Threat preparation requires a "whole of company" approach.

Our ransomware readiness guide helps you develop a roadmap for your organization that gets security and extended teams aligned to:

  • Understand your current state of ransomware readiness
  • Prepare for ransomware attacks
  • Identify gaps in your current strategy
  • Measure progress to continually enhance readiness

E-Book: Shifting Left: A DevSecOps Field Guide

by Bishop FoxJun 15, 2022

DevSecOps, when done correctly, can transform how quickly businesses can develop and deploy applications securely. Yet many organizations struggle to put it into practice. Our eBook offers practical recommendations on:

  • How developers and security teams can move towards a DevSecOps model in any organization — with shared responsibility and a repeatable process
  • Which tooling and approaches to consider for application security
  • Implementing DevSecOps without impacting innovation and deadlines

E-Book: Making the Business Case for Continuous Offensive Security

by Bishop FoxJun 15, 2022

Continuous offensive security solutions enable organizations to achieve better security outcomes at a fraction of the cost of other approaches. However, justifying investment in additional security solutions can be challenging without a strong business case.

Our guide contains:

  • The factors, inputs, and calculations for making a business case for continuous offensive testing
  • A return on investment (ROI) model customizable to your business
  • Industry statistics to benchmark your costs and risk

E-Book: 20 Tips to Make the Most of Your Pen Test

by Bishop FoxJun 15, 2022

Learn the common penetration test pitfalls that can cost you in terms of quality, project delays, or unnecessary expense — and twenty tips to help you avoid them.

Whether you're a pen test veteran, or are about to contract your first one, this resource guides you through process, from pre-assessment to the final report.

These tips include how to:

  • Scope the right assessment for your needs
  • Set up your project for success from the start
  • Improve communication and efficiency throughout the process