Resources

Downloadable PDFs

Lares Continuous Defensive Improvement Through Adversarial Simulation and Collaboration corporate profile (image)

News & Events

Blog

Stop Over-Scoping. Start Pressure Testing. 1200 630 Andrew Heller

Stop Over-Scoping. Start Pressure Testing.

Most pen tests are scoped too tightly to provide real value. Learn why Lares advocates for pressure-based testing, open scope, and the PTES framework to uncover real risk and build stronger security programs.

read more
Red, Blue, and Purple Teams – What They Actually Mean, and How Lares Helped Build the Model Everyone Uses Today 1200 630 Andrew Heller

Red, Blue, and Purple Teams – What They Actually Mean, and How Lares Helped Build the Model Everyone Uses Today

Everyone uses the Red/Blue/Purple model—but most organizations only apply part of it. This post breaks down the real roles behind each function, how Lares helped build the model into what it is today, and how to apply it even if you don’t have formal teams. Whether you’re running full adversarial simulations or just starting structured testing, this is what effective security collaboration actually looks like.

read more
Vulnerability Scanning Isn't Security Testing 1200 630 Andrew Heller

Vulnerability Scanning Isn't Security Testing

Solely on vulnerability scanning creates a false sense of security. Learn the limits of automated tools versus comprehensive, adversary-focused security testing for true cyber resilience.

read more
Think Your Group Chat is Safe? 1280 720 Andrew Heller

Think Your Group Chat is Safe?

Why business chat platforms are an excellent vector for social engineering. Author: Andrew Heller – Lares Marketing Manager My Slack channels at work feel safe. They’re internal. They’re informal. They are where I get 90% of my collaboration done…way faster than anything I could do over email/outlook. And attackers know it. From Backchannel to Breach…

read more
Protecting Your Business – Ransomware Prevention and Recovery Best Practices 2000 1379 Andrew Heller

Protecting Your Business – Ransomware Prevention and Recovery Best Practices

Ransomware attacks have emerged as one of the most significant cybersecurity threats to organisations worldwide, creating substantial challenges for data security and business continuity. Ransomware attacks have emerged as one of the most significant cybersecurity threats to organisations worldwide, particularly financial institutions, creating substantial challenges for data security and business continuity. These attacks have become…

read more
Adapt or Get Compromised: What a Real Vishing Engagement Revealed 1600 1067 Andrew Heller

Adapt or Get Compromised: What a Real Vishing Engagement Revealed

Vishing isn’t theoretical. It’s happening every day, and most companies don’t even know they’ve been compromised. This post breaks down one of our real-world voice phishing simulations and what it revealed about an otherwise mature security program. The Objective: Breach by Phone A global retailer hired us to test their frontline defenses, specifically their customer…

read more
Weaponizing the Human Element: Inside a Vishing Operator’s Playbook 1600 1067 Andrew Heller

Weaponizing the Human Element: Inside a Vishing Operator’s Playbook

This blog focuses on how vishing works and how we weaponize human behavior to get in. The Psychology Behind Vishing Effective vishing exploits emotion and urgency. Every call is calibrated to: Create pressure (“We need this now.”) Leverage authority (“Your manager asked us to do this.”) Instill doubt (“We’re seeing some odd behavior on your…

read more
Why Vishing Still Works (And Why You're Not Ready) 1600 1067 Andrew Heller

Why Vishing Still Works (And Why You're Not Ready)

You’ve trained employees to spot phishing emails. You’ve rolled out MFA. Your endpoints are locked down. But none of that matters when an attacker calls your help desk and talks their way in. This is vishing—short for voice phishing—and it’s one of the most effective, least tested threats facing organizations today. What is a Vishing…

read more
Inside the Mind of a Lares Red Team: How OSINT Unlocks the Attack 1200 630 Jethro Inwald
  • Jethro Inwald
  • No Comments

Inside the Mind of a Lares Red Team: How OSINT Unlocks the Attack

Attackers don’t always need exploits—sometimes, they just need what your organization is already exposing. Before launching an attack, adversaries gather publicly available intelligence on employees, security tools, vendors, and internal processes to craft highly targeted phishing, vishing, and social engineering attacks. This blog explores how Organizational OSINT fuels real-world breaches and what security teams can do to reduce their exposure before it’s exploited.

read more
Custom Detection Engineering: Strengthening Blue Teams with Lares Purple Team Testing 1200 630 Andrew Heller

Custom Detection Engineering: Strengthening Blue Teams with Lares Purple Team Testing

Most security tools rely on default detections, making them ineffective against stealthy attackers. Lares helps SOC teams develop custom detection rules tailored to their unique threat landscape.

read more

Webcasts

Videos

Where There is Unity, There is Victory

[Ubi concordia, ibi victoria]

– Publius Syrus

Contact Lares Consulting logo (image)

Continuous defensive improvement through adversarial simulation and collaboration.

Call Us

(720) 600-0329

Email Us

sales@lares.com

©2025 Lares, a Damovo Company | All rights reserved.
Enter your
text here