Blog

The TTX + TTP Replay FAQ: Executive and Practitioner Guide to Evidence-Backed Cyber Defense Validation
The TTX + TTP Replay FAQ: Executive and Practitioner Guide to Evidence-Backed Cyber Defense Validation 150 150 Andrew Heller
Stop guessing and start proving. Explore our comprehensive FAQ to learn how integrating Tabletop Exercises (TTX) and live-fire TTP Replay exposes detection gaps, validates security investments, and builds an evidence-backed cyber defense. read more

The Top 5 Security Threats CISOs Actually Care About in 2026
The Top 5 Security Threats CISOs Actually Care About in 2026 1200 630 Andrew Heller
This report breaks down five practical threat categories impacting CISOs in 2026, from Agentic AI to Deepfake fraud, that Lares adversarial engineers encounter in the wild. read more

Audit Success vs Operational Resilience: Understanding the Gap
Audit Success vs Operational Resilience: Understanding the Gap 150 150 Andrew Heller

Compliance is a necessary part of enterprise security. It provides structure, accountability, and a baseline for control maturity. But compliance is not security. Passing an audit confirms that controls exist.…

read more

Purple Teaming: The Fastest Way to Improve Detection and Response
Purple Teaming: The Fastest Way to Improve Detection and Response 150 150 Andrew Heller

Many organizations assume their detections will activate during a real intrusion. Yet when Lares runs adversary simulations, we routinely observe well-managed environments failing to detect privilege escalation, cloud role misuse,…

read more

From Low-Value Identity to High-Value Impact: A Realistic Attack Chain
From Low-Value Identity to High-Value Impact: A Realistic Attack Chain 150 150 Andrew Heller
A simple identity compromise can escalate into full cloud or data access. See a realistic attack chain and what it means for enterprise security teams. read more

How Adversaries Actually Test Enterprise Environments
How Adversaries Actually Test Enterprise Environments 150 150 Andrew Heller

Most security programs are built around assessments that operate by scope. Pentests, compliance audits, and tool-driven reviews all share this constraint. They evaluate environments based on what is allowed, not…

read more

TTX and TTP Replay: The Win-Win Combo We Undervalue
TTX and TTP Replay: The Win-Win Combo We Undervalue 1200 630 Andrew Heller
Most organizations run tabletop exercises and detection tests in isolation, creating blind spots that only show up during real incidents. Pairing a tabletop exercise with a TTP replay exposes the cracks in people and process, then verifies the fixes in controls and telemetry. This combined approach delivers the evidence needed to build a defensible, data-backed security posture. read more

From Compliance to Combat: Why Financial Services Still Bleed
From Compliance to Combat: Why Financial Services Still Bleed 1200 630 Andrew Heller
Audit-ready is not attack-ready. Lares shows financial institutions how adversaries bypass compliance to target payments, PII, and mainframes. read more

AI Didn't Breach You. Your Configuration Did.
AI Didn't Breach You. Your Configuration Did. 1200 630 Andrew Heller
Despite headlines about autonomous LLM-driven cyberattacks, recent incidents like the ServiceNow Count(er) Strike vulnerability and so-called “LLM hijacking” campaigns all came down to old techniques: enumeration, poor ACLs, and exposed credentials. read more

The MFA That Wasn’t (Part 2)
The MFA That Wasn’t (Part 2) 1200 630 Andrew Heller
We didn’t escalate privileges. We didn’t break anything. We authenticated, then watched the CRM leak full names, departments, employee IDs, and account IDs into the browser. Everything trusted the login. And that trust is what got them compromised. read more

Where There is Unity, There is Victory

[Ubi concordia, ibi victoria]

– Publius Syrus

Contact Lares Consulting logo (image)

Continuous defensive improvement through adversarial simulation and collaboration.

Call Us

(720) 600-0329

Email Us

sales@lares.com

©2025 Lares, a Damovo Company | All rights reserved.
Enter your
text here