Collaborate Disseminate
I have recently been occupied with a question regarding IT security. Suppose there is an application on a PC that is connected to the Internet, but it does not have access to the Internet or support any other connection (such… Continue reading Can a bug in an application that has no internet connection be used from outside
For an enterprise setting, how secure are Route Guards against script kiddies, hackers, and advanced threats?
If I understand correctly, the route guards are all available in .js files to the attacker and since all of the data is on the c… Continue reading How good are Angular Route Guards from a security standpoint?
Since joining ZeroNorth, I’ve spent a lot of time meeting with companies to discuss the challenges and opportunities…
The post This is How Orchestration Can Break the AppSec Stalemate appeared first on ZeroNorth.
The post This is How Orches… Continue reading This is How Orchestration Can Break the AppSec Stalemate
Contrast Labs finds that 71% of applications have at least one OWASP Top Ten vulnerability when onboarded to Contrast Assess.
The post Two Years After the Release of the 2017 OWASP Top Ten, Limited Improvements Shown appeared first … Continue reading Two Years After the Release of the 2017 OWASP Top Ten, Limited Improvements Shown
I have been working on exploit development and reverse engineering for a few months, but I have some doubts after gaining solid knowledge.
I am at the main function of Adobe Reader DC or Foxit, but what next? There are many … Continue reading Strategy for effective vulnerability research
Here is the story. There is a private company, that has some software product that is used by thousands of its customers. After spending few sleepless nights on reverse engineering that product, I identified a critical flaw i… Continue reading How do I sell critical vulnerability info to private company?
Last week, reports, like this one from Dark Reading, surfaced a remotely exploitable bug found in Facebook’s popular WhatsApp chat app, that spies on users and specifically targeted human rights groups. Facebook patched the flaw last week in… Continue reading What Developers Need to Know About WhatsApp’s Recent Security Dilemma
I have a client application installed on my Windows computer and I want to perform a MITM on this application to inspect the traffic.
I understand that Burp can do the MITM for web application, but can it do the same for a cl… Continue reading Can Burp be setup to intercept traffic from client application?
My organization is in the middle of evaluating our current product usages with respect to application security. We currently utilize both SonarQube and HP Fortify, but are considering eliminating Fortify if SonarQube can prov… Continue reading Is SonarQube a viable replacement for HP Fortify for static code analysis (SCA)?
If you had $10,000, would you rather build a deck for your home or a fence?
The post Why Does Security Matter For DevOps? appeared first on Security Boulevard.
Continue reading Why Does Security Matter For DevOps?