What Is a Security.txt File and How Can It Help Your Program?
Security.txt is a security mechanism that allows your organization to provide its vulnerability disclosure policy and contact information in a standardized format and location. The…
Category: Mix
Detectify Security Updates for 12 April
Our Crowdsource ethical hacker community has been busy sending us security updates, including 0-day research. For Asset Monitoring, we now push out tests more frequently at record speed within 25…
Twitter’s Blue Checkmark Strategy Reduces Trust in Pursuit of Revenue
If we lose account validation from the checkmark, what are we getting in return? Created/Updated: November 3, 2022 When I heard that Twitter was going…
Ethical Hackers Help Beiersdorf Minimize Risk and Protect Their Attack Surface
Beiersdorf’s cybersecurity team is always thinking about the best ways to secure their public-facing assets. As their digital footprint increases, they add new processes and…
A hacker’s approach to finding security bugs in open source software
Spencer Pearlman, Security Researcher at Detectify, presented A Hacker’s Approach to Finding Security Bugs in Open Source Software in a partnered webinar with friends at…
AI is a Gift to Transparency
We’re about to be able to collect—and ask questions of—any corpus of data Created/Updated: April 23, 2023 GPT-based AI is about to give us unprecedented…
How Critical Infrastructure Can be Protected from Threats
Accessing a major critical infrastructure network is very appealing to cybercriminals, as they can maximize societal impact and demand large ransom sums to fix tampered…
Detectify Security Updates for 27 April
Our Crowdsource ethical hacker community has been busy sending us security updates, including 0-day research. For Asset Monitoring, we now push out tests more frequently at record speed within 25…
My Prediction For Twitter – Daniel Miessler
Created/Updated: November 6, 2022 I’m a bit Elon and Twittered out, but I want to capture a basic prediction about all the shenanigans. As for…
Severe Confluence Vulnerability is an Active Threat (CVE-2022-26134)
Background The vulnerability allows unauthenticated remote code execution (RCE). Exploitation occurs by sending an HTTP request with an attack payload to a vulnerable instance of…
Leading SaaS innovation with collaboration and security transparency
Detectify security experts are speaking with security managers and operational defenders daily. There’s a clear division on how a modern and mature organization will approach…
AI Art Just Opened The Threat to Human Work We Were Expecting from AGI
Let me start with the punchline: Something like 80% of most “knowledge work” is about to get replaced by artificial intelligence. I’m not professionally educated…