SEC vs. SolarWinds is Cybersecurity’s ENRON Moment
Then the industry grows up and processes start to take over. And within a few decades it’s more the process doing the work than the…
Category: Mix
How to Permanently Remove Your Fear of Public Speaking
After a number of requests, here’s the follow-up to my recent post about lowering your heart rate before giving a talk. In that piece, I…
How to Fortify Your Assets & Maintain Compliance
Stepped-up SEC Enforcement Makes Proactive Security a Must The SEC’s finalized cybersecurity rules, effective starting mid-December 2023, place a spotlight on requirements for transparency regarding…
[tl;dr sec] #208 – Cybersecurity GPT Agents, Supply Chain Security, Kubernetes Pentest Image
I hope you’ve been doing well! (Expect more details about my travel jaunts next week, this week I miscalculated timezones 😅 ) I first came…
How Human Security Testing Helps the U.S. Government’s Zero Trust Mandate
One major reason for the progress is a May 2021 Executive Order that pushes federal agencies to speedily embrace the “never trust; always verify” cybersecurity…
HackerOne Responds To The Review of The UK’s Computer Misuse Act (CMA)
By Ilona Cohen, Chief Policy Officer, and Michael Woolslayer, Policy Counsel The U.K. is in the midst of a multi-year review of its primary anti-hacking…
GUEST BLOG: Governments Across The World Are Mandating Vulnerability Disclosure So Why Are Companies Sitting On Their Hands?
The IoT Security Foundation’s fifth annual report into the state of vulnerability disclosure consumer Internet of Things, produced by Copper Horse and supported by HackerOne,…
Meet the Talent Strategy Team
Our understanding of leadership and employee needs and the ability to build learning and development content made it easier for us to make development recommendations…
Severity Does Not Mean Priority
Automated scanners and tools are noisy; they do not know your business and can’t extrapolate context to truly understand validity and impact. Severity ratings are…
Introducing Bambdas | Blog – PortSwigger
Emma Stocks | 14 November 2023 at 08:27 UTC You’ve might have heard of Lambdas. But have you heard of Bambdas? They’re a unique new…
OpenAI Prompt Injection, Leaky GPTs, AGI by 2028, Huberman Routine AI
Unsupervised Learning is a Security, AI, and Meaning-focused podcast that looks at how best to thrive as humans in a post-AI world. It combines original…
Lazy-loading iframe in Firefox
최근에 Firefox쪽에서 하나 업데이트를 예고 했습니다. 곧 img 태그에만 존재하던 lazy-loading이 iframe에도 적용되는데요. 성능적인 장점은 분명히 있겠지만, img와 달리 XSS의 리스크가 높은 iframe의 로드 시점을…