Indicator of Compromise effective periods
How long should IOCs be monitored? Are there best practices or other reasonings?
I would think monitoring IOCs indefinitely is not ideal. Perhaps 90 days would suffice?
There is some debate going on among my peers, with differing opinions regarding the risk of an infected thumb drive with limiting policies set on it.
The question is: can you still get an infection with read-only access, disable write o… Continue reading Read Write Execute on infected thumb drives
When doing vulnerability assessment and pentesting against web applications, should an outdated browser or an updated browser be used?
Continue reading Use outdated browser or updated browser for vulnerability assessment and pentesting
Should business logic attacks be one of the testing methods during a pentesting or vulnerability assessment project?
Business logic attacks most of the time are left out during pentesting either it was not mentioned or are not … Continue reading Should business logic attack be one of the testing methods during pentesting or vulnerability assessment project?
What happened was, a friend’s company is using a dated DotNetNuke framework. An HTML page with ‘hacked by xxxx’ was found uploaded onto the web server.
Upon investigating, it is determined that a webshell was uploaded through… Continue reading Can a WAF block or detect crafted html file and obfuscated PHP script/shell
There is a thing about implementing security in the early phases. OWASP mentions implementing it through the AppSec Pipeline. DevOps folks talk about DevSecOps. Looking at the diagrams and phases of implementation, it seems like they are both the same?… Continue reading Difference between AppSec Pipeline vs DevSecOps
When using OAuth for web servers that are behind a firewall or have port filtering/blocking, is there a need to have a proxy of some sort?
Update: There are different standards to how organization or people protecti… Continue reading Does using Oauth behind firewall/closed ports requires proxy