OWASP Top 10 Vulnerabilities Explained
OWASP is a non-profit organization with the goal of improving the security of software and internet. They have put together a list of the ten…
Category: Mix
Hacker-Powered Security Report 2018, 188 Facts
Another year, another Hacker-Powered Security Report! We pulled out 100 of the report’s top facts—and then added 18 more, since it’s 2018. See below for…
IT Sec FAQ – Detectify Blog
We love talking about security and we believe that security knowledge should be easily accessible and fun. This is why we came up with our…
7 Common Security Pitfalls to Avoid When Migrating to the Cloud
So you want to move to the cloud. It’s okay. You’re not alone. 96 percent of decision makers in one survey have cloud initiatives underway.…
IT Security FAQ 7: What is OWASP Top 10?
The Open Web Application Security Project (OWASP) is a worldwide not-for-profit charitable organization focused on improving the security of software. Their mission is to make…
What is a Responsible Disclosure Policy and Why You Need One
Bug bounty programs may capture the majority of headlines in hacker-powered security today, but organizations of all shapes and sizes must first open a channel…
OWASP TOP 10: Broken Authentication
Update: Broken Authentication has moved down the list to position #7 because it seems to be less of an issue due to increasing adoption of…
H1-702 2018 makes history with over $500K in bounties paid!
In August 2016, a small group of HackerOne staff brought to life the first ever live hacking event in HackerOne’s history at DEF CON 24…
Join a demo session with Detectify
We will have scheduled Demo sessions this week and we definitely think that you should join. In the 30 minute session we will cover: Understanding…
Highlights of New York’s Cybersecurity Regulation 23 NYCRR Part 500
September 4, 2018 – Eighteen month transitional period ends. Covered Entities are required to be in compliance with the requirements of sections 500.06, 500.08, 500.13,…
OWASP TOP 10: Cross-site Scripting – XSS
Update: On the OWASP Top 10 2021 proposed, Cross-site scripting (XSS) was moved from the top of the OWASP list as a stand-out vulnerability, into…
Explaining the Best Prompt Injection Proof of Concept · rez0
I’ve been theorizing and researching prompt injection attacks. They’ve mostly been theoretical, though. In this post, I’m going to break down and explain the best…