Ophion Security

Presenting on some fun stuff with @OphionSecurity this year at @_kernelcon_ and @bsidesseattle. Come for the talk, stay for the vulnerabilities. #vulnerabilities #bugbounty #attacksurfacemanagement

Live chat histories contain treasure trove of data. From answers to security questions to credentials and more. We found a way to access it all in Cisco's Webex Connect. Read here: ophionsecurity.com/post/cisco-web… #vulnerability #vulnerabilitydisclosure #attacksurfacemanagement

We are actively scanning Microsoft's GitHub organization and more than 150k repositories and 5k users. You can do the same for your organization starting today. Check out the demo: app.storylane.io/share/uj1vg9vo… #githubactions #githubsecurity #attacksurfacemanagement

Thanks for the shout! We love all the episodes coming out! Looking forward to sharing more research blogs in coming months.

Endless security reviews, questionnaires, and compliance can be a nightmare when selling to enterprises. 🛡️ What if you could handle it all in one platform? Pentests, Questionnaires, & more. Check it out: ophionsecurity.com/use-case/secur… #Cybersecurity #SaaS #SecurityCompliance

A simple cookie value allowed disclosing chats of hundreds to thousands of users through a Live Chat integration. Learn more on blog one of two from our Live Chat security research. ophionsecurity.com/post/live-chat… #vulnerabilitydisclosure #livechat #ophionsecuritylab

Yay, I was awarded a $37,500 bounty on @Hacker0x01! hackerone.com/ophionsecurity. Had a fun time hacking AWS at @HackerOne's LHE on Edinburgh. #TogetherWeHitHarder

How should at-scale offensive scanning work? What values do they provide to companies? Checkout a recent podcast @mallocsys did with FireTail's Jeremy Snyder about it: youtube.com/watch?v=RBg75x…

That’s what we call 0 bullshit, no FUD hacking. Research ➡️ find vulns ➡️ write exploits ➡️ report.

Flight from Vegas after Defcon got delayed…hacked for 2 hours during the delay…reported a P2 on Square…got paid. I love hacking. #bugbounty #hacking

Increase your sticker game with these stickers next week at BlackHat and DEF CON. #hackersummercamp #defcon #blackhat2024

There is no such thing as too much data when building context based scanners. More data -> more knowledge -> more research -> more vulnerabilities to identify and resolve 💻

Orion in the real world 🤩

Traditional ASMs are too noisy and full of false positives. An offensive context-based approach to attack surface management reduces vulnerabilities and helps internal teams identify and mitigate more vulnerabilities. Learn how Orion can help you today. ophionsecurity.com/start-trial

We had an amazing time at BSides SF meeting with everyone and discussing pain points with traditional attack surface management. Thank you for having us @BSidesSF! #attacksurfacemanagement #bsidessf

That's it. That's the tweet.

Nothing better than when a product you have been developing for past few months finds another critical on a Monday evening.

Attack Surface Management should be proactive not reactive. Meet the Ophion team at BSides SF to learn how Orion can help you identify and monitor for vulnerabilities in your assets including supply-chain dependencies, SaaS deployments, on-premise applications and more. #bsidessf

Ophion Security will be at BSides SF from May 04 - 05, 2024. Come check out our booth and learn how Orion, our Attack Surface Management product can be your offensive security partner. Check out our subscription packages at ophionsecurity.com/subscriptions