Make Your Cybersecurity Dollars Last Longer
In my last blog, I examined why cybercrime increases during economic hardship and why innovation and vigilance are necessary to keep up. But how are…
Category: Mix
Why Retail and E-commerce Organizations Trust Security Researchers During the Holiday Shopping Season
Retail and e-commerce organizations are major targets this time of year, which is why proactive security testing is essential to preparing for a potential onslaught…
Prove Your Worth: How to Measure Cybersecurity ROI and Impress Your Board
CISOs often struggle with proving ROI from security initiatives when trying to secure buy-in from the board and prioritize budget. A recent survey of security…
GUEST BLOG: Governments Across The World Are Mandating Vulnerability Disclosure So Why Are Companies Sitting On Their Hands?
The IoT Security Foundation’s fifth annual report into the state of vulnerability disclosure consumer Internet of Things, produced by Copper Horse and supported by HackerOne,…
Why This Moment In Cybersecurity Needs Hackers To Protect All Software
Originally published in Security Magazine When the pandemic hurled us into a cybersecurity crisis, there were some who held out hope that things would eventually…
A complete guide for beginners
Bug bounty hunting can seem overwhelming when you’re just starting, especially when you are coming from a non-technical background. And even then, bug bounty (or…
Network and Information Systems Directive (NIS2) Compliance: What You Need to Know
This blog will break down the NIS2 Directive drawing information from the original directive briefing published by the European Parliament and explain how organizations can…
Emerging technologies and their security implications
As organizations continue adopting emerging technologies, they gain immense benefits but also face new security challenges. Cloud computing, AI, IoT, and blockchain are reshaping the…
How Is API Abuse Different from Web Application Attacks by Bots?
API abuse and web application bot attacks are often confused. This is understandable, as both involve automated interactions and are usually executed by bots. Both…
Remote Code Execution with Spring Properties
Recently a past student came to me with a very interesting unauthenticated vulnerability in a Spring application that they were having a hard time exploiting.…
5 Insights Attendees Gained from the Security@ World Tour
If you weren’t lucky enough to catch us at a roadshow event, you’ll be delighted to know you can catch us again in 2025 with…
Evolving attack techniques and tactics
As cyber attackers refine their skills, their methods evolve to exploit vulnerabilities in innovative and increasingly difficult-to-detect ways. The modern cyber threat landscape includes new…