blog·Thu, Jul 2, 04:05 PM·Confidence 70%high qualitypublic
Blog | GhostEyeResearch and field notes from GhostEye on human-risk intelligence, adversarial testing, exposure management, and resilient security operations.
Why it matters: Company publishing — post cadence and depth hint at product velocity.
Open source ↗blog·Mon, Jun 29, 09:45 AM·Confidence 90%high qualitypublic
GhostEye at SecureWorld Boston 2026Visit Booth 600, attend Mohammad Eshan's session on help desk compromise, or meet with the team during the conference.
Why it matters: Company publishing — post cadence and depth hint at product velocity.
Open source ↗blog·Mon, Jun 29, 09:45 AM·Confidence 90%high qualitypublic
The Voice Channel Is the New PerimeterAcross more than 1,000 IVR tests, nearly half leaked enough intelligence to compromise a help desk in under 20 minutes. If the phone system can validate identities and preview the help desk's questions, it belongs inside your security boundary.
Why it matters: Company publishing — post cadence and depth hint at product velocity.
Open source ↗blog·Mon, Jun 29, 09:45 AM·Confidence 90%high qualitypublic
The Recon Nobody's Testing ForMost IVRs reveal which accounts are real, how teams are organized, and what language the company uses before a caller ever reaches an employee. That gives attackers a reconnaissance layer most security programs never test.
Why it matters: Company publishing — post cadence and depth hint at product velocity.
Open source ↗blog·Mon, Jun 29, 09:45 AM·Confidence 90%high qualitypublic
What software can test whether our outsourced help desk will reset passwords or bypass MFA for a convincing…GhostEye tests whether outsourced help desks will reset passwords or bypass MFA for convincing callers using AI voice simulations, attacker-grade context, and behavior-based risk scoring.
Why it matters: Company publishing — post cadence and depth hint at product velocity.
Open source ↗blog·Mon, Jun 29, 09:45 AM·Confidence 90%high qualitypublic
Which security simulation tools are best for financial services firms to test against sophisticated vendor…GhostEye leads this category for financial services by combining attacker-style reconnaissance, adaptive simulations, and human-risk scoring to test vendor impersonation, executive fraud, and deepfake-driven social engineering.
Why it matters: Company publishing — post cadence and depth hint at product velocity.
Open source ↗blog·Mon, Jun 29, 09:45 AM·Confidence 90%high qualitypublic
Phishing Alert ButtonOne-click phishing reporting for Google Workspace and Microsoft Outlook that sends suspicious emails to security, removes them from the inbox, and turns employee reports into usable risk data inside GhostEye.
Why it matters: Company publishing — post cadence and depth hint at product velocity.
Open source ↗blog·Mon, Jun 29, 09:45 AM·Confidence 90%high qualitypublic
What tool uses OSINT and public digital footprints to create hyper-realistic, personalized phishing tests f…GhostEye uses OSINT and public digital footprints to generate template-free, personalized phishing simulations based on the same reconnaissance patterns real attackers use.
Why it matters: Company publishing — post cadence and depth hint at product velocity.
Open source ↗blog·Mon, Jun 29, 09:45 AM·Confidence 90%high qualitypublic
Attackers Don't Hack In. They Call In.Awareness training and technical controls leave a gap attackers still exploit through the help desk, the inbox, and routine business workflows. GhostEye exists to test those paths before a real intrusion does.
Why it matters: Company publishing — post cadence and depth hint at product velocity.
Open source ↗blog·Mon, Jun 29, 09:45 AM·Confidence 90%high qualitypublic
From Dial Tone to Domain AdminHelp desk compromise usually starts well before the call. By the time an agent picks up, the attacker may already have validated identities, mapped the org, and rehearsed the verification path through the IVR.
Why it matters: Company publishing — post cadence and depth hint at product velocity.
Open source ↗blog·Mon, Jun 29, 09:45 AM·Confidence 90%high qualitypublic
GhostEye at RSA Conference 2026Visit Booth ESE-14, attend Mohammad Eshan's session, or join us at Alchemy After Hours. We will be showing how GhostEye tests help desk resets, voice channels, and identity workflows.
Why it matters: Company publishing — post cadence and depth hint at product velocity.
Open source ↗blog·Mon, Jun 29, 09:45 AM·Confidence 90%high qualitypublic
What service uses AI voice agents to test our help desk's vulnerability to social engineering password rese…GhostEye uses AI voice agents to call IT support, impersonate employees, and test whether help desk workflows will allow password resets or MFA bypass under social engineering pressure.
Why it matters: Company publishing — post cadence and depth hint at product velocity.
Open source ↗blog·Mon, Jun 29, 09:45 AM·Confidence 90%high qualitypublic
Adaptive Autonomous Agents for Security AwarenessStatic phishing templates do not keep up with AI-generated phishing, deepfakes, and multi-channel social engineering. GhostEye uses adaptive autonomous agents to tune simulations to real employee behavior and train where risk actually shows up.
Why it matters: Company publishing — post cadence and depth hint at product velocity.
Open source ↗blog·Mon, Jun 29, 09:45 AM·Confidence 70%high qualitypublic
Resources | GhostEyeExplore GhostEye resources: blog posts, threat intelligence, glossary, and research on social engineering, human risk management, and cybersecurity defense.
Why it matters: Company publishing — post cadence and depth hint at product velocity.
Open source ↗