Man vs. machine: Striking the perfect balance in threat intelligence

In this Help Net Security interview, Aaron Roberts, Director at Perspective Intelligence, discusses how automation is reshaping threat intelligence. He explains that while AI tools can process massive data sets, the nuanced judgment of experienced anal…

Fedora Amicably Resolves Legal Threat From OBS Studio Over Downstream Flatpak

When it comes to application packaging, earlier this month the site It's FOSS complained that Fedora Flatpaks “are often unmaintained or broken, leading to a poor experience for users who aren’t usually aware they’re using them.” And this apparently cre…

Misconfig Mapper: Open-source tool to uncover security misconfigurations

Misconfig Mapper is an open-source CLI tool built in Golang that discovers and enumerates instances of services used within your organization. It performs large-scale detection and misconfiguration assessments, leveraging customizable templates with de…

Why AI deployment requires a new level of governance

In this Help Net Security video, Lee Waskevich, VP of Security at ePlus, discusses how AI deployment demands enhanced governance and stricter controls, particularly in managing data. The recent ePlus AI Readiness survey revealed that the top data conce…

How to protect web app against login CSRF while also allowing mobile app/curl to access REST API?

I am using Django REST framework.
I want a single API for all of my clients (web, mobile, curl).
I understand that I need to include a CSRF token in requests originating from the web client, to protect against CSRF. However, this is not ne…