Sprocket Security

This past week, Sprocket made its Nashville debut at the Innovate Cybersecurity event! 🎸 We connected with over 100 CISOs to share how our Continuous Penetration Testing (CPT) platform helps organizations strengthen security and reduce IT risk. It’s always great to share our continuous, hybrid approach to pentesting with the community. And hey, shoutout to the CISOs who voted Sprocket as having the best logo among all the sponsors! 😎🔥

Our next Pentesters Chat is coming up in just a couple of weeks! Join us Friday, May 2 at 12pm CT/1pm ET as our team of testers dive deep into offensive security engagements. You'll get key insights from our expert pentesters as they discuss: - The difference in the type of engagements (legacy vs. continuous penetration testing, red team engagements, social engineering, adversary simulation, threat hunting, and more! - How should you decide what engagement type your organization needs? - Collaboration and communication between testers and internal security teams. - Mitigating risks and maximizing outcomes It's always a great time discussing offensive security, so be sure to reserve your spot here: https://hubs.la/Q03gDP8v0

If you missed our webinar, "Attack Surface Management in Action: Stories from Cybersecurity Leaders," the recording is now available on-demand! Whether you're just starting to explore ASM or are looking to refine your existing strategy, this webinar will provide valuable insights and actionable advice to strengthen your organization’s security posture. Key Takeaways: - Insights on the latest ASM trends and tactics - Real-world examples of ASM in action (successes and challenges) - Practical strategies for identifying and reducing exposure to cyber threats - How ASM can align with broader cybersecurity frameworks and initiatives Check out our webinar with top cybersecurity leaders Dan Lohrmann, Casey Cammilleri, Al Imran Husain, and Joe Mariscal, MSCS, MBA, CISSP, CISM as they share their real-world experiences on how they've implemented Attack Surface Management (ASM) strategies. You'll hear firsthand accounts of challenges, breakthroughs, and lessons learned. Hear the key insights here: https://hubs.la/Q03grL340

Introducing security into development pipelines is walking a tightrope — one false step can turn developers against your security program. In our latest episode of Ahead of the Breach, Eyal Paz, VP of Research at OX Security, tells Casey why "making developers angry" is the greatest risk to DevSecOps implementation. He shares a battle-tested approach for gradual shift-left security: start in detection mode, gather data for 1-2 weeks, then engage development teams before switching to blocking. Eyal’s Black Hat research shows that although 70% of vulnerabilities come from transitive dependencies, exploitation risk decreases dramatically deeper in the dependency tree, enabling strategic prioritization over overwhelming developers with alerts. The Log4j vulnerability demonstrated why maintaining a comprehensive Software Bill of Materials is essential for rapid incident response. 🎧 Listen on Apple: https://hubs.la/Q03gzW1y0 🎵 Tune in on Spotify: https://hubs.la/Q03gBsx30 📺 Watch on YouTube: https://hubs.la/Q03gBmVc0 ✍️Read our Blog: https://hubs.la/Q03gB5860 #AheadOfTheBreach #Podcast #Cybersecurity #VulnerabilityManagement #AI

That’s a wrap on CypherCon 8! 🎉 Huge thanks to everyone who talked with us to geek out over cybersecurity and made this event, once again, unforgettable. As a Wisconsin-based company, local events like this are truly our favorite. Some highlights from this year: 🔺 Recording content with customers and fellow CypherCon attendees 🔺Insightful talks from Nicholas and JP 🔺Nicholas and JP's team winning the OSINT CTF 🔺Great conversations and connections at our booth Until next time Milwaukee!

We’re thrilled to welcome Olga Grib to Sprocket Security as our QA Engineer! Olga joins us from PortalMedia, bringing valuable experience in software testing. Since joining the team a few months ago, she’s been a key player in refining our testing processes and ensuring the quality of our security solutions. Welcome Olga!

Sprocket's 2025 event season is in full swing! At the end of March, our West Coast team, Taylor B. Knuth and Christopher Lyons attended the ProGathers Phoenix CISO Dinner, making this Sprocket’s first event in Arizona. They had the opportunity to connect with an incredible group of local leaders in the Cybersecurity community. Plus, they even got to meet Jay Bell, former Arizona Diamondbacks player and World Series Champion! ⚾🏆 The night was a perfect mix of engaging conversations, insightful discussions, and meaningful connections. Looking forward to more events like this!

Help us welcome Alex Knecht to the Sprocket Security team! As a Business Development Representative, Alex has been driving conversations and connecting with prospective customers since joining a few months ago. With previous experience as a BDR at Zendesk, he’s hit the ground running and is already making an impact. Welcome aboard, Alex!

Shoutout to Nicholas Anastasi and Juan Pablo Gomez Postigo for crushing their presentations at CypherCon last night! 🙌 They had the crowd hooked with deep dives into DAing and the complexities of passwords in a multilingual world. 🔐🌎 Who caught their talks? Let us know your favorite takeaways! You can catch the team our our booth until 4 pm today!

Cyphercon day 1 is starting! Don't forget to come check out the Sprocket talks this year: - Nicholas Anastasi, "Weird Ways to DA" 5 pm 4/3 -Juan Pablo Gomez Postigo "Lost in Transliteration: Hidden Passwords in a Multilingual World" 7 pm 4/3