CVSS 4.0 Preview 살펴보기
CVSS(Common Vulnerability Scoring System)는 시스템, 소프트웨어의 취약성을 평가하기 위해 사용되는 취약성에 대한 스코어링 시스템입니다. Offensive Security 관련하여 현업에 있다면 익숙하지만 반대로 문제점도 많다고 느껴지는 그런…
Category: Mix
Bug Bytes #203 – CVSS 4.0, MOVEIt and How CI/CD Pipelines Go Wrong
Bug Bytes is a weekly newsletter curated by members of the bug bounty community. The second series is curated by InsiderPhD. Every week, she keeps…
Ruby Cheatsheet
🔍 Introduction Ruby는 자연스럽게 읽히고 쓰기 쉬운 우아한 문법을 가지고 있는 언어입니다. 철학 자체가 인간 중심의 설계다 보니 뛰어난 가독성을 가졌고 언어 자체도 쉽게 사용할…
Holistic API Security Strategy for 2023
In the digital landscape of 2023, Application Programming Interfaces (APIs) have taken center stage in business operations. APIs act as the backbone of many digital…
Patch Diffing Progress MOVEIt Transfer RCE (CVE-2023-34362) – Assetnote
In the last few days, threat actors have been exploiting a critical pre-authentication vulnerability within Progress MOVEIt Transfer. There have been several great blog posts…
[tl;dr sec] #185 – Artisanal to Industrial Security, Securing the EC2 Instance Metadata Service, 12 Threat Modeling Methods
Hey there, I hope you’ve been doing well! 🚨 Changing Platforms 🚨 Over the next few weeks I’m going to be changing two important things…
Seven Essential Components Of A Top-Tier Attack Surface Management Program
1. Discover and Import Maintaining an up-to-date inventory of all your internet-facing assets is crucial for effective risk management. HackerOne automates continuous attack…
How To Write A Good Report
Writing a good report is as important as finding the vulnerabilities. Providing an unclear proof of concept can slow down the process of triaging your…
Our latest integration – Slack
We’re happy to share that Intigriti now integrates with Slack, a top business communication tool used widely across industries. This feature allows automatic updates to…
OWASP API Security Top-10 for 2023 Risk Ratings
As you know by now, the final version of the OWASP API Security Top-10 2023 has been released. At first blush, the final 2023 release…
OWASP API Security Top-10 Risks for 2023 Released
Back in April we took an in-depth look at the proposed OWASP Top-10 API Security Risks list for 2023. This Release Candidate (RC) contained a…
No. 385 Satellite hacking, Tree of Thoughts, Prompting Hierarchy…
*|INTERESTED:Memberful Plans:UL Subscription (Annual) (53074)|* *|END:INTERESTED|* *|INTERESTED:Memberful Plans:UL Subscription (Annual) (53074)|**|ELSE:|* *|END:INTERESTED|* Unsupervised Learning is a Security, AI, and Meaning-focused podcast that looks at how…