A severe command injection vulnerability in the GlobalProtect Gateway feature of PAN-OS versions 10.2, 11.0, and 11.1 underscores the critical importance of API security in…
Each year, HackerOne employees nominate peers to receive the covetable Values Awards. Five Hackeronies are recognized for their unique contribution to our company’s success, and…
Race condition vulnerabilities make up less than 0.3% of reports on the HackerOne platform. However, researchers have recently been particularly interested in experimenting with race…
This is an overview of the conversation and some of the best practices shared when creating a remote workplace. Listen to the full episode and…
Each year, HackerOne employees nominate peers to receive the covetable Values Awards. Five Hackeronies are recognized for their unique contribution to our company’s success, and…
Effectiveness: Effectiveness measures the method’s ability to provide reliable and accurate vulnerability detections, comprehensive system coverage, compliance with standards, and a diverse testing team for…
Flexibility Redefined One of the advantages of digital first work is the flexibility it offers employees. Our recent employee engagement survey tells us that flexibility…
The Significance of Credential Rotations In today’s digital landscape, the significance of regular credential rotations cannot be overstated. Unfortunately, not all organizations recognize the critical…
“If you put a key under the mat for the cops, a burglar can find it, too. Criminals are using every technology tool at their…
APIs (Application Programming Interfaces) have proliferated widely, which increases their susceptibility to various vulnerabilities. In the realm of web applications, prime examples that stand out…
Diving into pentest readiness, this comprehensive preparation guide is adaptable to different types of pentest, regardless of the target’s size or complexity. In Part 1…
What Is XZ Utils and What Happened? XZ Utils is an open source software commonly found in most Linux distros, although CVE-2024-3094 is only present…
