Infosec products of the month: April 2023
Here’s a look at the most interesting products from the past month, featuring releases from: Abnormal Security, Arista Networks, Armorblox,...
Read more →News Archive
View All →
Spotlight on the Server-Side | HackerOne
Server-side request forgery (or SSRF) vulnerabilities can lead to total system compromise and allow access to an organization’s internal or...
Read more →
HTTP response splitting exploitations and mitigations – Detectify Blog
HTTP Response Splitting is a type of attack that occurs when an attacker can manipulate the response headers that will...
Read more →
MICROSOFT SAYS: RUSSIAN SOLARWINDS HACKERS HIT U.S. GOVERNMENT AGENCIES AGAIN
According to the New York Times, Microsoft says the state-backed Russian hacker group Nobelium—the same actor behind the 2020 SolarWinds...
Read more →
Lerhan: Bypassing IDOR protection with URL shorteners
Xavier Blasco (a.k.a Lerhan) is a 23-year old security researcher on the Detectify Crowdsource Platform. He’s passionate about security and...
Read more →
HOW DIGITAL TRANSFORMATION CHANGES AN ORGANIZATION’S SECURITY CHALLENGES
Last week, HackerOne joined WhiteSource, AWS, and IGT for a roundtable discussion about the new security challenges of digital transformation. Both existing organizations...
Read more →
Content Security Policy (CSP) explained including common bypasses
We have written about Content Security Policy (CSP) on Detectify Labs before. But maybe you’re wondering why should you have...
Read more →
Enhance Employee Productivity by Adopting a Modern Approach to Password Security
By Joshua Parsons, Product Marketing Manager at Enzoic For decades, enterprise security measures and employee productivity were seemingly at odds....
Read more →
Complexity is Still the Enemy of Security
Ease of Use, Ease of Integration Encourages Data Protection By Gregory Hoffer, CEO of Coviant Software In 1999 noted cybersecurity...
Read more →
HACK HARD. HAVE FUN. INCREASE SECURITY
Amazon’s Live Hacking Event with HackerOne At Amazon, ensuring security is essential for earning customers’ trust. As part of Amazon’s ongoing...
Read more →
What is a blind vulnerability and how can it be exploited and detected?
There are times where an attacker can hack a system and yet nothing is sent back, and this is classified...
Read more →BUILD A RESILIENT SECURITY POSTURE WITH VULNERABILITY INTELLIGENCE AND CYBERSECURITY RATINGS
Reducing risk is the fundamental reason organizations invest in cybersecurity. The threat landscape grows and evolves, creating the need for...
Read more →