Meet the Team: Emelie Andersson – Building a fast-flying sales team
Swedish west coast native Emelie Andersson moved to the other side of the country 6 years ago to pursue a career in software sales. Today…
Month: April 2023
60 Days of Insights from the DOD’s Defense Industrial Base Vulnerability Disclosure Program Pilot
In April of 2021, the Defense Industrial Base Vulnerability Disclosure Program (DIB-VDP) pilot kicked off a twelve-month program to invite security researchers to hunt for…
Introducing Asset Inventory: stay on top of your web asset security
Good security starts with knowing your web assets. To enable transparency over your tech stack, we have released Asset Inventory, a new view that helps…
Apple, Google, and Microsoft Just Fixed Zero-Day Security Flaws
Tech giants Apple, Microsoft, and Google each fixed major security flaws in April, many of which were already being used in real-life attacks. Other firms…
AresLoader Camouflaged As A Citrix Project Sold For A $300 Subscription On GitHub
A new loader that is used to run and install additional malware on targeted systems was found by researchers at the Cyble Research and Intelligence…
How Hackers Can Help Reduce Your Organization’s Application Risk on AWS
HackerOne recently hosted AWS and a panel of expert ethical hackers to discuss how Server-Side Request Forgery (SSRF) vulnerabilities and cloud misconfiguration are ripe environments for hackers to discover…
Detectify now checks for File Disclosure in SSL VPNs – Pulse Secure and Fortinet
Pulse Secure and Fortinet have announced advisories detailing a critical vulnerability found that enables an unauthenticated user to conduct file disclosure in SSL VPN. Thanks…
Citrix’s Hacker-Powered Security Growth Plan: Q&A with Abhijith Chandrashekar
With over 400,000 customers, Citrix is a recognized industry leader in both digital workspace technology and in its approach to hacker-powered security. Spearheaded by Abhijith Chandrashekar,…
Week in review: PaperCut vulnerabilities, VMware fixes critical flaws, RSA Conference 2023
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: RSA Conference 2023RSA Conference 2023 took place at the Moscone…
How to Get a Finger on the Pulse of Corporate Networks via the SSL VPN
Detectify Crowdsource hacker, Alyssa Herrera, is a full-time bug bounty hacker and web application security researcher who works to protect organizations. They are one of…
HOW HACKERONE AND GITHUB NOW WORK BETTER TOGETHER
Developers need to bring security into their workflows without pivoting to separate security tools to get vulnerability information. HackerOne has created an integration with GitHub to streamline the process…
How Detectify handles Zero-Day submissions
Finding a zero-day (0-day) is probably one of the best feelings in the world for a hacker, and sometimes we receive these submissions through Detectify…