View vulnerabilities on Attack Surface page
View vulnerabilities on each asset across your attack surface The attack surface is where you can understand what you have...
Read more →Category: Mix
Bug Bytes #206 – Citrix more like Crit-trix amiright?
Bug Bytes is a weekly newsletter curated by members of the bug bounty community. The second series is curated by...
Read more →
AI and Machine Learning in Cybersecurity
Note: this post currently just has content on AI + reverse engineering, but check back soon and I’ll be covering...
Read more →
Practical Continuous Threat Modeling Work for Your Team
Izar describes the attributes required by threat modelling approaches in order to succeed in Agile dev environments, how to build...
Read more →
Behind the Scenes: Securing In-House Execution of Unsafe Third-Party Executables
Mukul Khullar, Staff Security Engineer, LinkedIn twitter, linkedinabstract slides video Mukul recommends a three step defense-in-depth process for mitigating these risks. 1....
Read more →
An Attacker’s View of Serverless and GraphQL Apps
An overview of functions-as-a-service (FaaS) and GraphQL, relevant security considerations and attacks, and a number of demos. What is Functions-as-a-Service...
Read more →
Securing your Workspaces from a Bot Uprising
Real TalkOne thing I appreciated about this talk is that Kelly and Nikki kept it real. Most blog posts, talks,...
Read more →
Preventing Mobile App and API Abuse
An overview of the mobile and API security cat and mouse game (securely storing secrets, TLS, cert pinning, bypassing protections...
Read more →
Node.js and NPM Ecosystem: What are the Security Stakes?
Vladimir de Turckheim, Software Engineer, Sqreen twitter, linkedinabstract slides video For vulnerabilities, a SQL injection example is given as well as regular...
Read more →
the Clear Site Data Header
The new Clear-Site-Data HTTP header allows a website to tell a user’s browser to clear various browsing data (cookies, storage,...
Read more →
Building Cloud-Native Security for Apps and APIs with NGINX
Stepan Ilyin, Co-founder, Wallarm twitter, linkedinabstract slides video How NGINX modules and other tools can be combined to give you a nice...
Read more →
Securing Third Party Applications at Scale
If you don’t get the process right, the technical stuff goes to waste. Background The Salesforce AppExchange was launched in...
Read more →