Sprocket Security

Do you know all the types of tech that make up your attack surface? It’s not just servers and endpoints anymore. Real-world breaches have stemmed from things like fax machines, smart light bulbs, CI/CD pipelines, and even DNS records. Attackers are creative — and they’re finding cracks in places most teams aren’t even monitoring. A notable example is a smart light bulb that pretended to be offline, tricking users into resetting it — which allowed an attacker to rejoin the network. In another case, malware leveraged DNS TXT records to retrieve commands, operating completely filelessly and under the radar. The modern attack surface is sprawling, weird, and constantly changing. So how do you keep up? Join us Tuesday, April 1 at 12 p.m. ET / 11 a.m. CT for a live webinar where top cybersecurity leaders will break down how they’re tackling Attack Surface Management (ASM) in their own organizations. You’ll hear firsthand experiences about what’s worked, what hasn’t, and how they’re aligning ASM with broader security strategies. ??? Hosted by Dan Lohrmann (Presidio, Field CISO) With expert insights from: ?? Casey Cammilleri (CEO, Sprocket Security) ?? Al Imran Husain (CISO & VP of Global Infrastructure, MillerKnoll) ?? Joe Mariscal, MSCS, MBA, CISSP, CISM (Director of Cybersecurity & Compliance, Ryerson) Whether you’re just starting to explore ASM or want to sharpen your current approach, this session will give you real-world strategies and lessons you can actually apply. ?? Register here: https://lnkd.in/ejjVh4eu #ASM #AttackSurfaceManagement #Cybersecurity #Webinar #InfoSec #SecurityLeaders #CISO

Are you affected by Next.Js? Senior Penetration Tester Nicholas Aures breaks down this emerging vulnerability and what you should do moving forward to protect your organization. ??Points of concern?? - Affects Self-Hosted Next.js applications insecurely using Middleware - Root cause is fairly technical but the attack is NOT - Outcome, if vulnerable, range greatly. Worst case scenario: bypassing authentication checks #CVE #SprocketSecurity https://hubs.la/Q03dH7RX0

Are you attending Cyphercon this year? If so, check out Nicholas Anastasi's and Juan Pablo Gomez Postigo's talks! Nicholas will present on 4/3 at 5 pm and Juan Pablo will present at 7 pm. See the talks and find Sprocket at the Baird Center in Milwaukee on April 3-4. See you there! https://hubs.la/Q03dH8ZH0

We are proud to introduce Nicholas Aures as one of Sprocket Security’s newest Senior Penetration Testers! You might already recognize Nick from our Pentesters Chat series, but beyond that, he’s a seasoned hacker with years of experience, having helped Sedara build their Penetration Testing practice from the ground up. His skills have already made an impact on our team, and we’re excited to have him!

How do you speak security to executives when technical metrics often mean nothing to them? In our latest episode of Ahead of the Breach, Joshua Brown, Founder of Digital Defense Consulting & CISO at Spektrum Labs, explains to Casey why the FAIR model became his secret weapon, converting complex risks into simple dollar figures that boards instantly understand. Josh also shares how his team discovered users being compromised on personal devices that never touched corporate resources, forcing a complete rethinking of their defensive strategy. "Control is an illusion," he warns, highlighting how it’s not so much about controlling as it is about protecting. Being a good leader is also key for Josh. His three-point framework keeps security teams engaged and growing in an era where AI is enabling attackers to develop sophisticated campaigns faster than defenders can patch. Check out the full conversation now for practical strategies on transforming security from a technical function to a business enabler. ?? Listen on Apple: https://hubs.la/Q03dl04d0 ?? Tune in on Spotify: https://hubs.la/Q03dlbcd0 ?? Watch on YouTube: https://hubs.la/Q03dl4ZZ0 ??Read our Blog: https://hubs.la/Q03dl4ZZ0 #AheadOfTheBreach #Podcast #Cybersecurity #VulnerabilityManagement #AI

Webinar Promo (clip from Joe)Another panelist on our upcoming Attack Surface Management webinar is Joe Mariscal, who also appeared on the Ahead of the Breach podcast! In the below clip, Joe discusses how cybersecurity is a business tool that supports growth, not a standalone barrier. Be sure to catch other key insights from Joe by registering for our webinar on April 1st at 12pm ET/11am CT: https://hubs.la/Q03d7TpM0

Counting down to the Retail and Hospitality-ISAC Cyber Intelligence Summit 2025! As a proud sponsor, Sprocket Security invites you to join us in St. Louis from April 7-9 for engaging discussions on safeguarding consumer data and enhancing cyber resilience. https://hubs.la/Q03bcJ7_0

Say hello to our newest Associate Member, Sprocket Security! Sprocket Security specializes in continuous penetration testing, helping community banks proactively identify and address security vulnerabilities before attackers can exploit them. Their expert-driven approach combines human-led testing with automated Attack Surface Management to assess external and internal threats, web applications, cloud security, network segmentation, and even physical security risks. Community banks benefit from Sprocket’s unlimited re-tests, continuous communication with security testers, on-demand attestation letters, and comprehensive reporting – ensuring compliance with financial industry regulations like PCI-DSS, FFIEC, and GLBA. By providing year-round security validation, Sprocket Security helps community banks strengthen their defenses, reduce IT risk, and maintain trust with customers. Welcome! ?? #CommunityBanking #BankLocal #BankInMN

Join us in welcoming Amanda Mates to Sprocket Security’s marketing team as our Content Marketing Manager! Amanda brings an extensive background in cyber marketing and has already played a pivotal role in shaping our content strategy. From technical blog content to SEO and editorial planning, Amanda’s expertise is a huge asset to the team. We’re thrilled to have her on board!

As we gear up for our Attack Surface Management in Action webinar, we wanted to highlight panelist Al Imran Husain, who has previously appeared on the Ahead of the Breach podcast! Check out this clip of Husain discussing AI-powered threat detection as the future of cybersecurity, and be sure to register for our webinar to hear more of his insights! The webinar is happening April 1st at 12pm ET/11am CT, and you don't want to miss it. Reserve your spot here: https://hubs.la/Q03cQLJV0