Home / Research

Research & insights.

We are researchers first. Vulnerability research, advisories, open-source tooling, and threat intelligence — published so the whole community can defend smarter, and fed straight back into every client engagement.

All Research Advisories Tooling Threat Intel

Featured Research

Identity Attack Paths in Hybrid Cloud: A Field Study

An analysis of 50+ enterprise environments reveals how a single over-privileged identity repeatedly becomes the bridge between a low-value foothold and full domain compromise — and what actually closes the gap.

Advisory

DATAIM-2026-014: Authentication Bypass in an Enterprise VPN Gateway

A pre-auth request-smuggling flaw allowed full session takeover. Coordinated disclosure and vendor patch timeline.

Threat Intel

Emulating Modern Ransomware Affiliates

How we rebuild current affiliate playbooks in the lab so blue teams train against this quarter's tradecraft, not last year's.

Tooling

Reticle: An Open-Source Attack-Path Mapper

Visualize the shortest path an attacker takes from any foothold to your most sensitive assets. Free and open source.

Research

Breaking Trust: Abusing SSO & Federation Misconfigurations

Common identity-provider misconfigurations that turn convenient single sign-on into single point of compromise.

Guidance

Hardening Kubernetes Against Lateral Movement

Practical, environment-tested controls that contain a compromised pod before it becomes a compromised cluster.

Research

From CVE to Kill Chain: Weaponizing N-Days Responsibly

Turning public vulnerabilities into reliable, safe proofs-of-concept for assessment — and why that matters for defenders.

Advisory

DATAIM-2026-009: Privilege Escalation in a Popular CI Runner

A misused token scope let any pipeline job escalate to host. Disclosure, fix, and detection guidance.

Threat Intel

Detecting Adversary-in-the-Middle Phishing

Token-theft phishing kits defeat traditional MFA. Here is what the telemetry actually looks like.

Demo listing — articles are illustrative placeholders. Wire this page to your CMS or a static content folder before launch.

Want our research applied to your stack?

Retained research and advisory engagements bring the same depth you see here — focused entirely on the technologies your business runs.