Regulation fatigue: A challenge to shift processes left

Recent high-profile supply chain attacks have heightened the need for increased regulation of the open-source community. In the U.S., for example, President Biden’s recent executive order asks government vendors to attest “to the extent practicab…

Put Your AppSec Program in the Fast Lanes with the New NIST Standards for Security Testing.

DevOps is fast. Security is slow. That is about to change for enterprises willing to adopt the new standards outlined by NIST

ETSI completes set of IoT MQTT and CoAP testing standards

The ETSI committee on Methods for Testing and Specifications (TC MTS) has recently completed a first set of seven standards addressing the testing of the IoT MQTT and CoAP protocols, and the foundational security IoT-Profile. “These new standards fill …

Most disaster recovery solutions are not tested on a regular basis

As organizations work diligently to support evolving business needs, while at the same time battling cybercrime and other threats to critical data, the majority of disaster recovery solutions are not tested on a regular basis, according to iland. More …

The Business Value of the Social-Engineer Phishing Service

Phishing attacks continue to plague organizations across the globe with great success, but why? Cybercriminals are targeting the human element of organizations. Additionally, they are developing techniques to use an…

Top security threats for power plants and how to proactively avoid them

Power plants are one of the most vitally important components of modern civilization’s infrastructure. A disruption in energy production impacts all aspects of society from healthcare to national security. Eliminating a country’s ability to generate en…

Counterfit: Open-source tool for testing the security of AI systems

After developing a tool for testing the security of its own AI systems and assessing them for vulnerabilities, Microsoft has decided to open-source it to help organizations verify that the algorithms they use are “robust, reliable, and trust…

MindAPI makes API security research and testing easier

Security researcher David Sopas has published a new open-source project: MindAPI, a mind map with resources for making API security research easier. “I love mind maps. They help me create a fine-tuned methodology and keep the mind organized,…

Product showcase: Pentest Robots

Security testing automation is not about building tech to replace humans. We don’t adhere to that limiting view because it fails to capture the complexity and depth of security testing. Instead, we believe automation should enhance uniquely human abili…

Addressing the lack of knowledge around pen testing

The vast majority of attackers are opportunist criminals looking for easy targets to maximize their profits. If defenses are sufficiently fortified, finding a way through will be so difficult and time consuming that all but the most elite nation-state …