Picus Security, the leading security validation company, gives organizations a clear picture of their cyber risk based on business context.
Joined January 2013
- Tweets 3,106
- Following 49
- Followers 2,918
- Likes 429
1,834 Photos and videos
Pinned Tweet
9 Oct 2025
Breaking news from Turin ⚽️
Picus Security joins @juventusfc as the Official Exposure Validation Partner.
From simulation drills to cyber drills, this signing is all about strengthening defense the Juventus way.
🖤🤍 Full details: picussecurity.com/resource/p…
#PicusSecurity #Juventus #ExposureValidation #CyberResilience #ForzaJuve
7
18
2,284
Annual manual pentests give you one snapshot a year. Your environment changes daily. New users, new misconfigurations, new vulnerabilities.
An automated pentest runs on a cadence, or continuously, so your attack path exposure stays current between engagements.
Learn more: hubs.li/Q04kf8Vz0
#AutomatedPenetrationTesting
1
53
Jun 13
AI adversaries attack in minutes. Most teams still validate defenses on a quarterly calendar.
At @IDC IT Security Xchange & Awards UAE, Tarek showed how a virtual crew of AI agents closes that gap: ingest intel, simulate threats, mobilize fixes. Machine speed defense.
54
Jun 12
A new CVE used to buy you time. Assess, patch, test. Exploit dev took weeks.
Picus Labs now tracks that timeline in hours. AI builds the variant before your change window opens.
What that means for validation, @SecurityWeek June 24: hubs.li/Q04kd-NM0
67
Jun 12
Picus is at the FS-ISAC EMEA Summit, June 15 to 18, The Hague. Booth #1.
See how banks and insurers prove their controls stop real attacks before auditors and adversaries test them.
Learn more: hubs.li/Q04kf3dF0
50
Jun 11
Cyber Security Analyst in the IT Services Industry gives Picus Security Validation Platform 5/5 Rating in Gartner Peer Insights™ Adversarial Exposure Validation Market. Read the full review here: hubs.li/Q04k89j00 #gartnerpeerinsights
40
Jun 11
Large organizations have CTI teams, red teams, and blue teams, yet their defense workflow still takes four days while AI-assisted attacks complete in under an hour.
The problem is not the tools — it is that the handoffs between teams move at calendar speed. @volkanerturk, Picus Co-founder & CTO, on how to fix it: hubs.li/Q04kfbnv0
#CyberSecurity #AIThreats
51
Jun 10
If your automated pentest findings have been flat for 3 quarters, that is not maturity but a discovery ceiling built on fixed scope, static payloads, and the same surface every run.
@PicusSecurity breaks this down on @TheHackersNews. Week of June 22.
Register now: hubs.li/Q04kf6l30
1
1
63
Jun 10
CanisterWorm infected 60 npm packages in under 24 hours.
One compromised security scanner (Trivy), one stolen set of npm tokens, and a worm that spread to every package victims controlled.
Full breakdown: hubs.li/Q04kdZFq0
#SupplyChainSecurity #npm
89
Jun 9
Picus is at the IDC IT Security Xchange UAE, 11 June, Dubai.
We help security teams prove their controls stop real attacks instead of assuming they do.
Come find us: hubs.li/Q04kfPCp0
#ExposureValidation
53
Jun 8
Nearly 20,000 new CVEs this year. No team patches that fast.
Picus CEO Alper Memis in @FastCompany: stop chasing counts, start validating which exposures attackers can actually reach.
Read the full piece in Fast Company: hubs.li/Q04kdlGF0
1
1
41
Jun 8
Picus is now verified under Anthropic's Cyber Verification Program. Mythos-class cyber capability now runs inside Picus Autonomous Pentesting, proving which exposures an attacker can actually reach.
The next attack will be AI-driven. Picus already is.
1
3
200
Jun 8
Automated pentesting is directional. One blocked step near the top leaves every downstream technique untested. BAS runs each test independently, so nothing cascades.
They answer different questions. Why one cannot replace the other: hubs.li/Q04jTmvk0
58
Jun 7
Your automated pentest found the path. Who validated the defense?
Two different questions, and only one got answered.
@PicusSecurity x @TheHackersNews. Week of June 22.
hubs.li/Q04jHHxR0
1
99
Jun 6
A China-linked backdoor rewrote its C2 stack 5 times in 5 months, from reverse shell to encrypted WebSocket beacon. That is a prompt-and-answer pattern, not human iteration.
OpenAI confirmed ChatGPT helped build it. Our breakdown: hubs.li/Q04jHNBC0
79
Jun 5
Validation maturity, honestly: → Assumed: deployed, so you trust it → Scheduled: tested on a cycle → Continuous: runs against change → Autonomous: validates and re-tests closure itself
Where do you really sit? @SecurityWeek, June 24: hubs.li/Q04jHMPk0
69
Jun 5
Most security programs are built for human-speed threats. AI-speed attackers don't care.
@Matt_Rosenquist and David D. Mauro break down the 12 recommendations security teams need right now.
#AIThreats #SecurityValidation
2
1
147
Jun 5
12 actions to validate your defenses before the Glasswing report lands in July. Full guide here: picussecurity.com/resource/r…
110
Jun 5
Picus Detection Analytics now plugs into Cribl Lake SIEM. Run an attack emulation, then see which Cribl Lake detections fired, which missed, and why. Detection coverage becomes evidence, not assumption.
Learn more: hubs.li/Q04jwJXQ0
2
91
Jun 4
At the @Gartner_inc Security & Risk Management Summit, Picus CTO @volkanerturk made the case: AI changed both sides of the fight, and most defenses have not caught up.
Attacks land in minutes. Manual validation takes weeks. That gap is the real exposure. The fix is proof, not coverage.
Thanks to everyone who packed the room.
#SecurityValidation #GartnerSEC
1
83