Category: Mix

How HackerOne Helps the Vulnerability Management Process
01 May 2023

HackerOne sees vulnerability management as a process combining software tools and security analyst…

Detectify security updates for 18 April
01 May 2023

For continuous coverage, we push out major Detectify security updates every two weeks, keeping our tool up-to-date with new findings,…

Saxo Bank Celebrates One Year of Bug Bounties: Q&A with CISO Mads Syska Hasling
01 May 2023

Q: Tell us a bit about yourself. A: I’m Mads Syska Hasling, CISO at Saxo Bank. I run the first-line…

Detectify security updates for 02 May
01 May 2023

For continuous coverage, we push out major Detectify security updates every two weeks, keeping our tool up-to-date with new findings,…

A Security Engineer and Hacker Share Their Experiences with Security Assessments
01 May 2023

App Security is More Vital than Ever. The number of apps that organizations and individuals interact with has exploded over…

The real impact of an Open Redirect vulnerability
01 May 2023

Detectify is building web app security solutions that are automated and crowd-based. By collaborating with ethical hackers, business critical security…

5 Secrets of a Mature Vulnerability Management Program from Costa Coffee and Priceline
01 May 2023

This week HackerOne hosted a series of webinars that asked participants about how they rated their level of vulnerability management…

Fitting automated security throughout the CI/CD pipeline
01 May 2023

As companies compete with how fast new features and products can be released on the digital market, a byproduct of…

Spotlight on the Server-Side | HackerOne
01 May 2023

Server-side request forgery (or SSRF) vulnerabilities can lead to total system compromise and allow access to an organization’s internal or…

HTTP response splitting exploitations and mitigations - Detectify Blog
01 May 2023

HTTP Response Splitting is a type of attack that occurs when an attacker can manipulate the response headers that will…

MICROSOFT SAYS: RUSSIAN SOLARWINDS HACKERS HIT U.S. GOVERNMENT AGENCIES AGAIN
30 Apr 2023

According to the New York Times, Microsoft says the state-backed Russian hacker group Nobelium—the same actor behind the 2020 SolarWinds…

Guest blog from Detectify Crowdsource researcher Lerhan
30 Apr 2023

Lerhan: Bypassing IDOR protection with URL shorteners

Xavier Blasco (a.k.a. Lerhan) is a 23-year-old security researcher on the Detectify Crowdsource Platform. He’s passionate about security and…