Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Outpost 24

Belsen Group: Analyzing a new and ambitious threat group

On January 14th, 2025, Belsen Group emerged in the underground forum Breach Forums publishing a list of sensitive data extracted from vulnerable Fortinet FortiGate devices. Since then, they have expanded their malicious activities into acting as initial access brokers. Who are they and what do we know about them? In this blog we’ll give you the lowdown on an ambitious new threat group to be aware of.

How to reduce false positives when pen testing web apps

In the context of penetration (pen) testing, false positives are where the testing tools or methods identify a security vulnerability or issue that doesn’t actually exist. Essentially, a false alarm. This can happen for a few reasons, such as misconfigurations in the testing tools, incorrect assumptions, or environmental factors.

Threat Context monthly: Executive intelligence briefing for January 2025

Welcome to the Threat Context Monthly blog series where we provide a comprehensive roundup of the most relevant cybersecurity news and threat information from KrakenLabs, Outpost24’s cyber threat intelligence team. Here’s what you need to know from January.

Six steps for running a successful security program

Starting a security program can be challenging for some organizations, especially running a mature program across a large business. Resourcing, lack of organization, and not having a clear remediation strategy are key aspects to the failure of some programs, which can all result in severe breaches of businesses. I’ll walk through seven steps that will help ensure your program is a success and also give a quick overview of how Outpost24’s Managed Services can support your efforts.

CISO predictions: What does 2025 hold for attack surface management (ASM)?

We’ve asked Outpost24’s CISO, Martin Jartelius, what 2025 is likely to hold for organizations using attack surface management (ASM) tools. Here’s what Martin had to say about what he predicts for ASM in 2025, as well as some thought on how the CISOs role might change.

Threat Context Monthly: Executive intelligence briefing for December 2024

Welcome to the Threat Context Monthly blog series where we provide a comprehensive roundup of the most relevant cybersecurity news and threat information from KrakenLabs, Outpost24’s cyber threat intelligence team. Here’s what you need to know from December.

How to protect your site from subdomain takeover

Subdomain takeover is a serious risk for organizations with a large online presence (which is a lot of businesses in 2025!). A domain name is the starting point of your company’s online identity, encompassing the main and subsidiary websites—serving as the organization’s business card, storefront, and a central hub for commercial activities. For SaaS providers and tech solution vendors, domains also form a critical component of their product offerings.

Top three cyber threats that will persist in 2025

As another year comes to an end, it’s not only Santa who brings presents for those on his nice list. These days, it’s quite common for well-known firms to publish their annual roundups of the most notable events that have taken place in the cybersecurity landscape, together with predictions of what can we expect in next twelve months.

New RBAC feature offers granularity and flexibility for Outpost24's EASM customers

A new role-based access control (RBAC) feature has been added to Outpost24’s external attack surface management (EASM) solution. This opens up new possibilities for Outpost24 customers, allowing them to be more granular when it comes to configuring permissions for different roles.

Threat Context monthly: Executive intelligence briefing for November 2024

Welcome to the Threat Context Monthly blog series where we provide a comprehensive roundup of the most relevant cybersecurity news and threat information from KrakenLabs, Outpost24’s cyber threat intelligence team. Here’s what you need to know from November.