How to Mitigate the Latest API Vulnerability in FortiManager
Overview of the FortiManager API Vulnerability Recently, a critical API vulnerability in FortiManager (CVE-2024-47575) was disclosed. Certain threat actors exploited it in the wild to…
Category: Mix
Take control of your security posture: The Burp Suite Enterprise Edition winter update | Blog
Rob Samuels | 30 October 2024 at 09:12 UTC Manage your security, your way. Managing a complex, enterprise-level web estate requires robust compliance, streamlined management…
Securing Our Elections Through Vulnerability Testing and Disclosure
Security researchers and election technology manufacturers at the Election Security Research Forum (ESRF). The Event In preparation for the election season, HackerOne planned and executed…
how to find more vulnerabilities using Google search
Bug bounty hunters who spend time in content discovery and reconnaissance, in general, are always rewarded well for their efforts as they often come across…
Measure, Compare, and Enhance Security Programs with HackerOne Benchmarks
Without clear comparisons and long-term visibility, it’s challenging to identify areas for improvement and make informed, data-driven decisions. That’s why we’re excited to introduce HackerOne Benchmarks,…
Reducing False Positives in API Security: Advanced Techniques Using ML
False positives in API security are a serious problem, often resulting in wasted results and time, missing real threats, alert fatigue, and operational disruption. Fortunately,…
The Most Important Sentence
For anyone struggling career or purpose-wise, I have a diagnostic for you. I believe one of the biggest problems in the world is ___________, which…
OWASP Top 10: The Risk of Cryptographic Failures
What Is Cryptography? Cryptography is the practice and study of techniques for securing communication and information by transforming it into a format that is unreadable…
AWS Security Configuration Review and Best Practices
In fact, the Cloud Security Alliance’s Top Threats to Cloud Computing 2024 Report ranks the following concerns as the top three: Misconfiguration and inadequate change control…
Vulnerability Deep Dive: Gaining RCE Through ImageMagick With Frans Rosen
The file upload vulnerability type is as broad in scope as the number of different file types. These vulnerabilities are an ever-present security concern. While…
How Security Edge Revolutionizes API Security
Wallarm’s Security Edge is setting a new standard in API security—far beyond the reach of traditional Content Delivery Networks (CDNs). Let’s get it straight: Security…
The complete guide for in-scope entities
NIS2 will take effect across the EU from 18th October 2024, meaning time is running out to comply with its provisions. This Directive, replacing NIS1…