Collaborate Disseminate
Editor’s Note: The chapter, “Question Everything” is included in Epic Failures in DevSecOps, Volume 2, which is available for free download.
In the early days of DevOps there was a saying: ‘I wouldn’t want my life support system developed b… Continue reading Eliza May Austin Asks Us to Question Everything [VIDEO]
Businesses are adopting development and operations (DevOps) to tap into new business opportunities. These DevOps initiatives are the engine driving digital transformation. But as DevOps takes hold and organizations focus more and more of their time and… Continue reading Misconfigurations and Alert Fatigue Require a Modern AppSec Approach
Anyone know of a good fast way to detect multi step vulnerabilities? For example x endpoint is a dumb post and returns success. Y endpoint gets the request that was submitted in x.
This year’s theme at RSA Conference 2020 is the Human Element. Fundamentally, what those of us do in the realm of cybersecurity goes beyond protecting our networks, applications, and systems; it’s about people protecting people.
The post Ap… Continue reading AppSec-related Must-do Activities and Sessions at RSA 2020
While the idea of “automation” may seem like a modern concept, it dates back to around 762 B.C. when the concept was first introduced in Homer’s epic battle poem The Iliad.
The post 4 Reasons to Automate Security Testing with AppSec I… Continue reading 4 Reasons to Automate Security Testing with AppSec Instrumentation
I have successfully overwritten the EIP register (pointing to my shellcode) but the shellcode is not executing. I compiled with the command
gcc -g -fno-stack-protector -z execstack -no-pie vuln.c -o vuln
Here’s the output of gdb-peda … Continue reading EIP pointing to shellcode but shellcode is not executing?
If I do a web search for proxying macOS apps using Burp Suite, I don’t get any useful info. Instead, I get dozens of results talking about how to proxy iOS or Android apps. I am talking about desktop apps. On macOS, I’ve followed the below… Continue reading How can I proxy traffic of macOS Mojave APPS using Burp Suite?
My APK will not work in proxy environment, but is there any other way to intercept the mobile through proxy?
It’s 2020. If you’re developing applications, you need application security. Period.
This is an important message with…
The post What to Do When You Need AppSec Right Now appeared first on ZeroNorth.
The post What to Do When You Need … Continue reading What to Do When You Need AppSec Right Now
I am trying to understand what is the difference between these two. I know both roles are some quite similar, because as vulnerability research, and product security finds flaws in popular apps, nonpopular, but however in VR it may involv… Continue reading What’s the difference between product security and vulnerability research?