Collaborate Disseminate
As a mechanism to offload PCI risks, many retailers are now using third-party credit card processing for their online transactions. The retailer’s benefit is they are no longer handling the credit card data, thereby reducing the cardholder footprint (a… Continue reading Tales from the Front Lines: How Third-Party APIs Simplify Enumeration Attacks
Stopping attackers and their malicious intent is every security practitioners’ goal. But there are times when we need to grant unfettered access to network resources for day-to-day operations. Better known as whitelisting, I have seen scenarios where a… Continue reading Tales from the Front Lines: Whitelist and Forget, A Cautionary Tale
APIs make your systems easier to run — and make it easier for hackers, too. Continue reading APIs Are the Next Frontier in Cybercrime
In a previous blog, I talked about how the Covid-19 pandemic lockdown had corresponded to an increase in attack intensity. Since then, different parts of the country have begun to reopen, and in some cases reclosing, yet the attackers have maintained t… Continue reading Tales from the Front Lines: Maintaining Detection Efficacy (and Your Cool) in the Summer Heat
I was recently working on an application penetration test and it dawned on me. If the QA for this organization had done a few of these steps in their exercising of the site, they would have more easily identified some … Continue reading →
The post Security Tools in QA appeared first on AsTech Consulting.