Taking a purely defensive perspective—one that abstains from getting the attacker's viewpoint—means your defenses will have holes in it.

Traditionally, neither Microsoft nor Google disables the use of legacy protocols by default. The reason is legacy protocols are used by...

The growing number of high-profile attacks combined with the countless ones no one has heard of is why we abide by the assumed breach model.

Pathfynder is a veteran-owned small business with offices in Montana, North Carolina, and Washington, D.C.

How do we suggest measuring your cybersecurity assessment performances? The best answer is some function of the adversarial level of effort.

Here is an analysis of the most common ways an attacker will target your business using our experience at Pathfynder as a proxy.

The Battle of Bastion sheds light on the difficulty of being on the defense. Cybersecurity by its nature is defensive which puts...

Cybersecurity is an ever-evolving industry. But while the tools themselves will continue to change, the underlying investigative...

While Signal is an outstanding encrypted communications tool, activating disappearing messages is necessary to prevent adversaries from...

Poor password management is responsible for the majority of cyber breaches and is still a very preventable vulnerability. Here is a guide...

Microsoft 0365 & Google Workspace audits are a great example of "low-hanging fruit" initiatives that produce enormous benefits to your org.

Purple Team engagements - with their focus on collaboration & shared outcomes - are great options to build skills of blue team defenders.

A true confession from a well-trained executive on being duped by a highly targeted phishing campaign.

Pathfynder’s insider threat solution distills highly manual processes into automated playbooks designed, tested, & implemented by experts.

While the work from home advantage is clear for some businesses, leaders need to understand how this new reality impacts security postures.