Deep Dive
Why did Mark Goodwin join Bishop Fox?
Mark joined Bishop Fox in March 2020 to work on the Cosmos platform, which focuses on continuous offensive security at scale, aligning with his interest in staying ahead of nation-state actors and emerging threats.
What is the primary goal of Bishop Fox's Cosmos platform?
The Cosmos platform aims to provide continuous offensive security testing at scale, helping customers identify and address vulnerabilities before malicious actors can exploit them.
How does Bishop Fox differentiate between red teaming and continuous external pen testing?
Red teaming involves high-stakes, stealthy operations where the goal is to avoid detection, while continuous external pen testing aims to be detected as a positive sign of effective security measures.
What are some key features of the Cosmos platform?
Cosmos includes automated attack surface discovery, continuous web application pen testing, and prioritization of vulnerabilities, with plans to expand into internal pen testing.
Why is subdomain takeover a critical focus for Cosmos?
Subdomain takeover vulnerabilities can lead to phishing attacks, credential harvesting, and damage to customer trust, making them a high-priority issue for Cosmos to address.
How does Cosmos handle large enterprise attack surfaces?
Cosmos uses a breadth-first approach to identify subsidiaries and domains, leveraging tools and open-source intelligence to build a comprehensive attack surface before conducting depth-first vulnerability assessments.
What role does AI and LLMs play in Cosmos's future?
AI and LLMs are being explored to enhance attack surface discovery, improve vulnerability prioritization, and streamline processes like parsing SEC filings and other data sources for faster, more accurate insights.
How does Cosmos balance automation with human expertise?
Cosmos automates low-level, repetitive tasks like identifying directory listings or subdomain takeovers, while reserving more complex, creative exploits for human operators to ensure validated, high-quality findings.
What challenges does Cosmos face in managing continuous security testing?
The main challenges include prioritizing vulnerabilities across large attack surfaces, ensuring continuous scanning without overwhelming customers, and staying ahead of emerging threats to maintain high signal-to-noise ratios.
How has SOC 2 compliance impacted Bishop Fox?
SOC 2 compliance has helped Bishop Fox ensure internal processes align with best practices, but it hasn't directly driven new business. Customers typically handle SOC 2 compliance internally based on findings provided by Bishop Fox.
Shownotes Transcript