Pentesting for Web Applications: Methodologies & Best Practices
Pentest reports are a requirement for many security compliance certifications (such as ISO 27001 and SOC 2), and having regular pentest reports on hand can also signal…
Category: Mix
Caffeinate Your Mac
Did you know your MacBook has a built-in barista? Well, sort of. It’s called ‘caffeinate’, and it’s a nifty little command that keeps your Mac…
Feedback-Driven Interviewing at HackerOne | HackerOne
The Talent Acquisition team currently has a net promoter score (NPS) of 56%, while the industry standard is 50%. However, we can improve and refine…
Monzo launches public bug bounty program to strengthen digital security
Monzo is launching its public bug bounty program, a strategic step to bolster online security. With a keen focus on user safety, this initiative aims…
Malicious JavaScript Injection Puts Over 100k Websites At Risk –
Polyfill.io helps web developers achieve cross-browser compatibility by automatically managing necessary polyfills. By adding a script tag to their HTML, developers can ensure that features…
What HackerOne Customers Say About Remediating Vulnerabilities and Getting the Best Results From Hackers
Remediating Vulnerabilities Streamlining communication between hackers and security teams, HackerOne customers are able to quickly and thoroughly remediate vulnerabilities before they result in a breach.…
What Is the Digital Operational Resilience Act (DORA)?
DORA focuses on Information and Communications Technology (ICT) systems and applies to all financial institutions in the EU. This includes traditional entities such as banks,…
Six must-know ethical hacking facts and stats for businesses
The role of ethical hackers in cybersecurity teams has become more crucial than ever. With the increasing complexity and frequency of cyber threats, organizations must…
Security Risks and Best Practices
Most software companies resort to using third-party solutions for completing certain tasks within their company. A common example is a ticketing platform that helps teams…
New OpenSSH RegreSSHion Vulnerability Gives Hackers Root Access on Linux Servers
Labeled as CVE-2024-6387, the recently discovered vulnerability in OpenSSH has become a serious cause for concern among Linux servers. OpenSSH is a collection of networking…
Alerts on Policy Breaches Now Available via API
All Surface Monitoring users can configure Attack Surface Policies directly from the new Domains page, enabling various combinations of characteristics that were previously unavailable. Users…
GitLab Fixes CI/CD Vulnerabilities With Patch
A security flaw that impacts specific versions of GitLab’s Community and Enterprise Edition products was just detected. This vulnerability can be exploited to execute pipelines…