Apache Struts Vulnerabilities – Detectify Blog
Apache Struts is a well-known development framework for Java-based web applications that is mostly used in enterprise environments. If you search for Apache Struts CVEs…
Category: Mix
PayPal is our Virtual Pal
In June, sixty-one hackers from thirteen countries gathered (virtually) to hack digital payments platform PayPal as part of HackerOne’s latest virtual hacking event, h1-2006. Hackers…
Welcome to Detectify’s Boston office!
Our brand new office in Boston, Massachusetts, is Detectify’s base for US sales operations. We had a chat with our US Head of Sales about…
The Rise of IDOR | HackerOne
Insecure Direct Object References (or IDOR) is a simple bug that packs a punch. When exploited, it can provide attackers with access to sensitive data…
Scaling up Security with DevOps and CI/CD practices
Some believe that “whatever can be automated, should be automated” and in general benefits include faster production, consistency in product and quality, rolling back from…
Security@ 2021 Call for Speakers is Open
HackerOne’s global Security@ conference is back for its fifth year on September 20, 2021. Today, we’ve opened our call for speakers! Are you interested in…
Detectify security updates for 4 April
For continuous coverage, we push out major Detectify security updates every two weeks, keeping our tool up-to-date with new findings, features and improvements sourced from…
Reddit’s Bug Bounty Program Kicks Off: Q&A with Reddit’s Allison Miller and Spencer Koch, and Top Program Hacker @RENEKROKA
After three years running a successful private bug bounty program on HackerOne, Reddit has announced that it’s taking their bug bounty program public. We sat down with Reddit’s…
What information does Detectify provide for PCI Compliance Requirement 6?
The Payment Card Industry Data Security Standard (PCI DSS) program provides an information security compliance benchmark for companies that are handling, processing and storing cardholder…
How HackerOne Helps the Vulnerability Management Process
How HackerOne Helps the Vulnerability Management Process HackerOne sees vulnerability management as a process combining software tools and security analyst actions to reduce risk. In…
Detectify security updates for 18 April
For continuous coverage, we push out major Detectify security updates every two weeks, keeping our tool up-to-date with new findings, features and improvements sourced from…
Saxo Bank Celebrates One Year of Bug Bounties: Q&A with CISO Mads Syska Hasling
Q: Tell us a bit about yourself. A: I’m Mads Syska Hasling, CISO at Saxo Bank. I run the first-line security organization in Saxo Bank,…