|
By CP Morey
Vulnerability scanning gives security teams a starting point, but it has never been the whole picture. Scan results capture known CVEs across applications and systems, yet they say nothing about whether a given weakness is actually reachable, whether the controls around it are functioning correctly, or whether the people with access to it represent a meaningful risk. Exposure management addresses all of that.
|
By Garrett Hamilton
The Microsoft Defender Security Research Team and Microsoft Threat Intelligence documented a campaign in which Storm-2949 abused Microsoft Entra ID accounts to exfiltrate data from Microsoft 365 and Azure environments. The attack shows how cloud intrusions increasingly unfold through identity systems, administrative features, and legitimate platform capabilities rather than obvious malware or traditional endpoint compromise.
Close Defensive Gaps Before AI Attacks Exploit Them
|
By Garrett Hamilton
On April 22, 2026, Google's Threat Intelligence Group and Mandiant disclosed a campaign by a threat actor they're tracking as UNC6692. The group breached enterprise networks by impersonating IT helpdesk staff over Microsoft Teams, ultimately exfiltrating Active Directory databases and achieving full domain compromise. What's notable about UNC6692 is what they didn't do. They didn't use a zero-day. They didn't exploit a software vulnerability.
|
By Reach Security
The study, commissioned by Reach Security, reveals widespread misconfigurations, slow remediation cycles, and manual approaches to drift management, highlighting the urgent need for preemptive approaches that continuously validate security controls.
|
By John Dominguez
A new research report from Reach Security reveals that misconfigured security controls, configuration drift, and unused capabilities across an organization’s existing security technology stack are a primary driver of cybersecurity risk.
|
By CP Morey
Upgrading Microsoft enterprise licenses from E3 to E5 or from Entra ID Plan 1 to Plan 2? Whether your company is making the move or evaluating it, the key question is: How do you turn licensing changes into real security gains? Platformizing remains a major trend in 2025, and Microsoft often sits at the center of these efforts due to its broad security capabilities. But maximizing value from E3 and E5 licenses requires time, expertise, and contextual understanding of your environment.
|
By John Dominguez
In 2025, organizations spent billions on security, deploying EDR/XDR, SASE, firewalls, identity platforms, email security, web security, and more. And yet, breaches persist. The reason often is not a zero-day, an advanced persistent threat, or a cutting-edge exploit. It is far more mundane. Misconfigurations across identity, endpoint, network, and email/web security controls remain among the top root causes of incidents.
|
By CP Morey
Security configurations are not static. They evolve over time due to software updates, policy changes, emergency patches, and human intervention. While these changes are often necessary, they can lead to configuration drift, a gradual misalignment between an organization’s security controls and its intended security policies.
|
By Reach Security
Reach Security Wins Pioneering Continuous Threat Exposure Management (CTEM) in the 14th Annual Global InfoSec Awards at #RSAC 2026.
|
By Reach Security
Offense is running on AI. Defense has to as well. That's the throughline of Garrett Hamilton's conversation with Jay Wilson, CIO and CISO at Insurity, on The Security Strategist, hosted by Shubhangi Dua at EM360Tech. What they get into.
|
By Reach Security
Nancy Phillips, Chief Information Security Officer (CISO) at Ensemble Health, discusses how Reach Security provides her team with continuous assurance that the team's security controls are operating as intended.
|
By Reach Security
Threat actors used to need days or weeks to exploit a vulnerability. Now AI lets them do it in seconds. Most security teams are already buried. Too many tools, too many alerts, manual processes that can't keep pace, and break-glass changes that get made and forgotten. Keeping everything configured and optimized correctly is a full-time job on its own. Nancy Phillips, Chief Information Security Officer at Ensemble Health Partners: "I want my teams doing the innovative stuff. Not the mundane, repeatable stuff.".
|
By Reach Security
At Black Hat last year, we sat down with Kevin Mandia to talk about what's coming. His take: offense is going to accelerate with AI. Not slow down. Not plateau. Accelerate. When you've run more red teams than practically anyone on the planet, the pattern is clear. Getting into a victim network is already a race. AI compresses those time frames further. The attack surface isn't changing. Misconfigurations, things that slipped, controls that were on and got turned off. The entry point stays the same. AI just makes the race to exploit it faster.
|
By Reach Security
Zscaler Secure Internet Access (ZIA) provides powerful secure access, inline inspection, decryption, and data loss prevention capabilities. But as your security and IT environments scale, and security controls change, Zscaler ZIA protections can drift away from established baselines, increasing your risk and leaving you open to attack. Reach analyzes your Zscaler ZIA controls to find and fix misconfigured controls, activate unused capabilities, and stop configuration drift. This hardens your defenses and protects you against fast-moving adversaries.
|
By Reach Security
Microsoft Defender for Office 365 is powerful out of the box. The problem? Configurations drift. IT teams make changes the security team doesn't know about. Anti-phishing policies weaken. Safe Links gaps open up. And AI-powered attackers are finding those openings faster than any team can manually catch them. Reach analyzes your Microsoft Defender for Office 365 controls, activates underutilized capabilities, remediates misconfigurations, and keeps your deployment aligned to your security baseline continuously.
|
By Reach Security
Garrett Hamilton recently presented at the North Texas ISSA Lunch & Learn in Plano, TX to talk about what risk reduction actually looks like in practice. Reach shows customers exactly which controls they've deployed, the user impact of those changes, and how much risk has been reduced across IAM, EDR, email, firewall, and SASE. Not feature checklists. Targeted, measurable outcomes tied to the business.
|
By Reach Security
Microsoft Defender for Office 365 protects against phishing, malware, and malicious links across email and collaboration tools. But as environments scale and settings are changed, your Defender security controls can drift away from security baselines and degrade your security posture. Reach continuously analyzes your Defender deployment to find and fix misconfigurations, activate unused capabilities, and stop configuration drift.
|
By Reach Security
New year, new faces, big goals. To close out 2025 and open 2026, we welcomed 43 new team members across engineering, sales, customer success & solutions, marketing, and operations. Reach was founded to close the gap between knowing where you're exposed and actually fixing it. That mission doesn’t scale without the right people. Growth is exciting, but aligned growth—with the right people, at the right time, for the right mission—is what really matters.
|
By Reach Security
Garrett Hamilton, CEO & Co-Founder of Reach, joined Bryce Carter, CISO for the City of Arlington, at the NTX ISSA Lunch & Learn in Plano, TX — a practical, operator-focused discussion with the local security community.
- June 2026 (2)
- May 2026 (7)
- April 2026 (8)
- March 2026 (7)
- February 2026 (8)
- January 2026 (15)
- December 2025 (15)
- November 2025 (20)
- October 2025 (3)
Reach helps you get the most from your existing security stack by uncovering exposure, misconfigurations, and weaknesses that tools often miss. Using AI agents, it prioritizes and drives remediation based on real exposure, reducing operational costs and enabling measurable, preventive action, all from the leader in AI-Native Exposure Management.
Expose and eliminate hidden risk within your security stack:
- Threat Exposure Management: Reach identifies exposure that is actually reachable, like those on end-user devices that enable ransomware delivery. By focusing on real exposure, it helps you prioritize actions that measurably reduce risk.
- Security Posture Management: Weak controls create protection gaps like those that allow session hijacking or lateral movement. Reach helps you strengthen your posture by continuously validating whether your security controls are working as intended.
- Configuration Management: Misconfigurations leave systems open to attack. Reach finds these weaknesses across your stack and recommends precise, context-aware fixes that simplify remediation and reduce friction for your team.
AI Agents for Security Architects.