Thank You for Contacting Lares

We’re excited to help you protect what matters most. A member of our team will get in touch with you shortly. While you wait, explore our resources:

Download Our Latest Whitepapers

Dive into insights like Advanced Techniques for Infiltrating Fortune 100 Companies.

View All Resources

Stay Ahead of Trends

Visit LinkedIn

How we do it

Methodology Docs

Red Team

Purple Team

Penetration Testing

vCiso Advisory Services

Application Security
Assessment

Physical Security
Testing

The Project #6

Organizational OSINT for Red Teaming

Read the Lares Blog

Your AI CCTV System is a Near-Sighted Toddler

Blog, Purple Teaming, Red Teaming

June 30, 2025

by Andrew Heller

Discover how Lares engineers bypass AI-enabled CCTV systems using real-world tactics. Learn why modern surveillance fails under pressure, how to test and tune detection models through purple teaming, and what steps your organization can take to improve physical security before a breach occurs.

Stop Over-Scoping. Start Pressure Testing.

Blog, Blue Team, Insider Threat, Penetration Testing, Purple Teaming, Red Teaming

June 26, 2025

by Andrew Heller

Most pen tests are scoped too tightly to provide real value. Learn why Lares advocates for pressure-based testing, open scope, and the PTES framework to uncover real risk and build stronger security programs.

Vulnerability Scanning Isn't Security Testing

Blog, Penetration Testing, Red Teaming

May 12, 2025

by Andrew Heller

Solely on vulnerability scanning creates a false sense of security. Learn the limits of automated tools versus comprehensive, adversary-focused security testing for true cyber resilience.

Think Your Group Chat is Safe?

Blog, Penetration Testing

April 10, 2025

by Andrew Heller

Why business chat platforms are an excellent vector for social engineering.Author: Andrew Heller - Lares Marketing ManagerMy Slack channels at work feel safe.They're internal.They're informal.They are where I get 90% of my collaboration done...way faster than anything I could do over email/outlook.And attackers know it.From Backchannel to BreachRecent "Signal group chat" headlines have exposed just...

Protecting Your Business - Ransomware Prevention and Recovery Best Practices

Blog, Penetration Testing

April 8, 2025

by Andrew Heller

Ransomware attacks have emerged as one of the most significant cybersecurity threats to organisations worldwide, creating substantial challenges for data security and business continuity.Ransomware attacks have emerged as one of the most significant cybersecurity threats to organisations worldwide, particularly financial institutions, creating substantial challenges for data security and business continuity.These attacks have become a major...

Adapt or Get Compromised: What a Real Vishing Engagement Revealed

Blog, Red Teaming

March 26, 2025

by Andrew Heller

Vishing isn’t theoretical. It’s happening every day, and most companies don’t even know they’ve been compromised.This post breaks down one of our real-world voice phishing simulations and what it revealed about an otherwise mature security program.The Objective: Breach by PhoneA global retailer hired us to test their frontline defenses, specifically their customer support and IT...

Weaponizing the Human Element: Inside a Vishing Operator’s Playbook

Blog, Red Teaming

March 26, 2025

by Andrew Heller

This blog focuses on how vishing works and how we weaponize human behavior to get in.The Psychology Behind VishingEffective vishing exploits emotion and urgency. Every call is calibrated to:Create pressure (“We need this now.”)Leverage authority (“Your manager asked us to do this.”)Instill doubt (“We’re seeing some odd behavior on your login.”)Play to empathy...

Why Vishing Still Works (And Why You're Not Ready)

Blog, Red Teaming

March 26, 2025

by Andrew Heller

You’ve trained employees to spot phishing emails. You’ve rolled out MFA. Your endpoints are locked down. But none of that matters when an attacker calls your help desk and talks their way in.This is vishing—short for voice phishing—and it’s one of the most effective, least tested threats facing organizations today.What is...

Inside the Mind of a Lares Red Team: How OSINT Unlocks the Attack

Blog, Red Teaming

March 13, 2025

by Jethro Inwald

Attackers don’t always need exploits—sometimes, they just need what your organization is already exposing. Before launching an attack, adversaries gather publicly available intelligence on employees, security tools, vendors, and internal processes to craft highly targeted phishing, vishing, and social engineering attacks. This blog explores how Organizational OSINT fuels real-world breaches and what security teams can...

Custom Detection Engineering: Strengthening Blue Teams with Lares Purple Team Testing

Blog, Purple Teaming

February 28, 2025

by Andrew Heller

Most security tools rely on default detections, making them ineffective against stealthy attackers. Lares helps SOC teams develop custom detection rules tailored to their unique threat landscape.

Thank You for Contacting Lares

Download Our Latest Whitepapers

Stay Ahead of Trends

Read the Lares Blog

Your AI CCTV System is a Near-Sighted Toddler

Stop Over-Scoping. Start Pressure Testing.

Vulnerability Scanning Isn't Security Testing

Think Your Group Chat is Safe?

Protecting Your Business - Ransomware Prevention and Recovery Best Practices

Adapt or Get Compromised: What a Real Vishing Engagement Revealed

Weaponizing the Human Element: Inside a Vishing Operator’s Playbook

Why Vishing Still Works (And Why You're Not Ready)

Inside the Mind of a Lares Red Team: How OSINT Unlocks the Attack

Custom Detection Engineering: Strengthening Blue Teams with Lares Purple Team Testing

Call Us

Email Us

©2025 Lares, a Damovo Company | All rights reserved.