Breaking Down the OWASP Top 10: Insecure Design
In the absence of these considerations, systems can be retrofitted with ineffective security controls or lack them entirely. This can...
Read more →Category: Mix
Detectify year in review 2024
In 2024, we shipped numerous features to help security teams manage their growing attack surface. Some examples are Domain Connectors...
Read more →
A complete guide to finding advanced file upload vulnerabilities
File upload vulnerabilities are fun to find, they are impactful by nature and in some cases even result in remote...
Read more →
New York Releases AI Cybersecurity Guidance: What You Need to Know
AI adoption is accelerating in the financial services industry, both as an asset for improving business operations and as a...
Read more →
A complete guide to finding advanced file upload vulnerabilities
File upload vulnerabilities are fun to find, they are impactful by nature and in some cases even result in remote...
Read more →
How Crypto and Blockchain Organizations Manage Complex Attack Surfaces With Competitive Security Testing Programs
There are three factors that differentiate crypto and blockchain organizations from other industries; their attack surfaces, their most common vulnerabilities,...
Read more →
How a Privilege Escalation Led to Unrestricted Admin Account Creation in Shopify
In a privilege escalation attack, an attacker gains elevated rights, permissions, or entitlements beyond the intended level associated with their...
Read more →
The key to ensuring software quality and reliability
Regression testing is a crucial part of software development that ensures new code changes don’t negatively affect existing functionality. It...
Read more →
Hack My Career: Saskia Braucher
When Saskia joined the tech world, she didn’t follow the conventional path of computer science degrees or coding boot camps....
Read more →
Six Years of Proactive Defense: Deribit’s Journey with HackerOne
Q: Why did Deribit launch a bug bounty program? A: I like to view security as an onion where each...
Read more →
Introducing the Wells Fargo Public Bug Bounty Program
Since then, we’ve grown the program, collaborated with HackerOne, and built partnerships within the bug bounty community. The valuable insights...
Read more →Top Tool Capabilities to Prevent AI-Powered Attacks
Recent advances in AI technologies have granted organizations and individuals alike unprecedented productivity, efficiency, and operational benefits. AI is, without...
Read more →