Crushing FUD: Embracing Ethical Hackers to Strengthen Cybersecurity
What is FUD? Fear, Uncertainty, and Doubt (FUD), are central blockers to high-efficacy security programs by creating a climate of fear and hesitation, which impedes…
Category: Mix
API Attack Surface: How to secure it and why it matters
Managing an organization’s attack surface is a complex problem involving asset discovery, vulnerability analysis, and continuous monitoring. There are multiple well-defined solutions to secure the…
HackerOne’s Commitment to Learning and Development
HackerOne is committed to providing comprehensive learning and development opportunities to fuel our competitive edge and cultivate a highly skilled and deeply motivated workforce. Why…
Evolution of Attack Surface Management
The Early Days: Basic Asset Management While it was not called ASM, the concept of managing attack surface management began with basic asset management practices…
How Hai Facilitates Clear and Effective Communication
The Communication Challenge in Cybersecurity The vulnerability management process involves various stakeholders, each with their own expertise and communication styles. Security teams focus on identifying…
Pentesting for iOS Mobile Applications
Pentest reports are a requirement for many security compliance certifications (such as GDPR and HIPAA), and having regular pentest reports on hand can also signal to high-value customers…
WordPress GiveWP POP to RCE (CVE-2024-5932)
A few days ago, Wordfence published a blog post about a PHP Object Injection vulnerability affecting the popular WordPress Plugin GiveWP in all versions donor_meta->get_meta()…
The Real Problem With the Job Market
Table of Contents The feeling If you’re like me, you’ve had this strange, uneasy feeling about the job market1 for a few years now. The…
What tech leaders do before going on vacation
As a technical person who leads a technical team, I know firsthand that it can be easy to get lost in finishing up your own…
Measuring productivity with GitHub issues
How long does it take for a bug to get squashed, or for a pull request to be merged? What kind of issues take the…
Optimizing text for ChatGPT: NLP and text pre-processing techniques
In order for chatbots and voice assistants to be helpful, they need to be able to take in and understand our instructions in plain language…
Retail Under Attack: 6 Learnings from a Retail Customer
1. Retail and E-commerce Are Prone to Credential-based Attacks “Credential-based attacks are evergreen.” When asked what significant security threats are prevalent in the retail and…