Collaborate Disseminate
APTRS is an open-source reporting tool built with Python and Django. It’s made for penetration testers and security teams who want to save time on reports. Instead of writing reports by hand, users can create PDF and Excel files directly in the tool. A… Continue reading APTRS: Open-source automated penetration testing reporting system
In this Help Net Security interview, Esteban Gutierrez, CISO and VP of Information Security at New Relic, discusses how the adoption of cloud infrastructure is outpacing security readiness. He shares strategies for overcoming common misconfigurations a… Continue reading Observability is security’s way back into the cloud conversation
It starts with good intentions. A tool to stop phishing. Another to monitor endpoints. One more for cloud workloads. Soon, a well-meaning CISO finds themselves managing dozens of products across teams, each with its own dashboard, alerts, and licensing… Continue reading CISOs battle security platform fatigue
In this Help Net Security interview, Arun Shrestha, CEO at BeyondID, discusses how AI is transforming secure access management for both attackers and defenders. He discusses the shift toward identity-first security, and the role of contextual and conti… Continue reading The shift to identity-first security and why it matters
YES3 Scanner is an open-source tool that scans and analyzes 10+ different configuration items for your S3 buckets in AWS. This includes access such as public access via ACLs and bucket policies – including the complex combinations of account and … Continue reading YES3 Scanner: Open-source S3 security scanner for public access, ransomware protection
In this Help Net Security interview, Curtis Simpson, CISO and Chief Advocacy Officer at Armis, discusses how CISOs can balance security and innovation while managing the risks of shadow IT. Rather than focusing on restrictive policies, fostering proact… Continue reading Forward-thinking CISOs are shining a light on shadow IT
Cybersecurity isn’t what it used to be. Attackers are moving quicker, disruptions happen all the time, and many security plans built for more predictable times just can’t keep up. With everything from ransomware to geopolitical threats to cloud slip-up… Continue reading Building a cybersecurity strategy that survives disruption
Zero to Engineer is a practical guide for anyone looking to launch a career in information technology without a traditional college degree. The book draws from the author’s unlikely journey – from being expelled from high school to earning … Continue reading Review: Zero to Engineer
In this Help Net Security interview, Aaron Weismann, CISO at Main Line Health, discusses the growing ransomware threat in healthcare and why the sector remains a prime target. He explains the difficulties of protecting patient information, securing leg… Continue reading Balancing data protection and clinical usability in healthcare
BlueToolkit is an open-source tool that helps find security flaws in Bluetooth Classic devices. It runs known and custom exploits to test if a device is vulnerable. Right now, it includes 43 different exploits. Some are public, and others were made spe… Continue reading BlueToolkit: Open-source Bluetooth Classic vulnerability testing framework