Sprocket Security

What do cybersecurity experts have to say about their experience using Attack Surface Management? Join our webinar on April 1st at 12pm ET/11am CT to hear all their insights ?? Secure your spot here: https://hubs.la/Q03bZNV50

Who's going to RSA in San Fransisco this year?! Sprocket will be on the main floor at booth 3121 in the South Connecting Hall. Interested in booking time with us or coming to our happy hour? Learn more here: https://hubs.la/Q03bYyrF0

A default 10-minute query interval could be the key to bypassing Internet routing security. In this episode of Ahead of the Breach, Donika Mirdita, Security Researcher at Fraunhofer Institute for Secure Information Technology, tells Casey how predictable RPKI processing patterns combined with short manifest lifecycles create a perfect storm for undetectable routing attacks. By constructing precisely sized publication point subtrees and employing targeted rate limiting, attackers can manipulate core Internet routing protections without detection. Donika also shares some other findings and insights from her research: → Manifest files expire in 2-48 hours by design. → Publication points process queries at fixed 10-minute intervals. → 50-100 node subtrees trigger extend processing without timeouts. → Rate limiting with spoofed packets prevents repository updates. → No error signals or monitoring alerts during 6-8 hour stalls. For network security teams managing BGP infrastructure, this research reveals critical gaps in RPKI's processing architecture and demonstrates the need for improved manifest lifecycle management. ?? Listen on Apple: https://hubs.la/Q03bxhgj0 ?? Tune in on Spotify: https://hubs.la/Q03bxCPq0 ?? Watch on YouTube: https://hubs.la/Q03bxDmF0 ??Read our Blog: https://hubs.la/Q03bxLHs0 #AheadOfTheBreach #Podcast #Cybersecurity #VulnerabilityManagement #AI

Curious about how to bypass anti-cheat systems with direct memory access? Join Milsec on March 20 at 6 PM for an in-depth presentation by Connor Kastner at the New Berlin Ale House. A happy hour will follow. RSVP here: https://hubs.la/Q039GLvK0

We are thrilled to announce the promotion of Nate Fair from Penetration Tester to Senior Penetration Tester at Sprocket Security! Nate has been a driving force in helping develop the world class testing that Sprocket Security provides today. Nate has been with us for four years and we wouldn’t be the company we are today without his continuous hard work; and we wouldn’t have the reputation we have today without his awesome hacking. As a Senior Penetration Tester Nate will continue to lead testing efforts within our clients and will focus on advancing our automated testing capabilities for the future. Please join us in congratulating Nate on this well-deserved promotion!

What does Attack Surface Management look like, up-close and personal? Hear stories from the trenches of actual cybersecurity leaders in our interactive webinar happening April 1st at 11am CT/12pm ET. Hosted by Dan Lohrmann (Presidio) and with panelists Casey Cammilleri (Sprocket Security), Al Imran Husain (MillerKnoll), and Joe Mariscal, MSCS, MBA, CISSP, CISM (Ryerson), you'll be sure to get some great insight from these experts. Register here to claim your spot, we can't wait to see you there! https://hubs.la/Q03blWd50

We're excited to announce that Sprocket Security is attending the Retail and Hospitality-ISAC Cyber Intelligence Summit 2025, taking place April 7-9 in St. Louis, MO! Join us to connect with cybersecurity leaders and explore the latest trends in retail and hospitality security. https://hubs.la/Q03bb2850

Don't forget-- hear all about the Double-Edged Sword of Single Sign On (SSO) in our next Pentester's Chat TOMORROW, March 7 at 12PM CT/1PM ET! Our testers will be answering any questions and comments you have, so be sure bring your thoughts! We'll see you there ?? ????? Secure your spot here: https://hubs.la/Q039Pp9n0

Are you attending Cyphercon this year? If so, check out Nicholas Anastasi's and Juan Pablo Gomez Postigo's talks! See the talks and find Sprocket at the Baird Center in Milwaukee on April 3-4. See you there! https://hubs.la/Q039GLD90

Are you attending Cyphercon this year? If so, check out Nicholas Anastasi's and Juan Pablo Gomez Postigo's talks! Nicholas will present on 4/3 at 5 pm and Juan Pablo will present at 7 pm. See the talks and find Sprocket at the Baird Center in Milwaukee on April 3-4. See you there! https://hubs.la/Q039GLBg0