Application Security

DEF CON 28 Safe Mode – Oleksandr Mirosh’s, Alvaro Munoz’ ‘Scribbling Outside The Lines Of Template Security’

Many thanks to DEFCON for publishing their comprehensive and outstanding presentations via the organization's DEFCON 28 SAFE MODE Conference Schedule Page and their YouTube channel. Enjoy! Permalink ...

How to champion security in DevOps

Making the shift from DevOps to DevSecOps requires better communication, which you can help your teams accomplish with security training and enablement. The post How to champion security in DevOps appeared first ...

DEF CON 28 Safe Mode – Feng Xiao’s ‘Discovering Hidden Properties To Attack Node js Ecosystem’

Many thanks to DEFCON for publishing their comprehensive and outstanding presentations via the organization's DEFCON 28 SAFE MODE Conference Schedule Page and their YouTube channel. Enjoy! Permalink ...

Slack Strengthens Cybersecurity Controls

Slack today announced it has made it possible for IT organizations to manage their own encryption keys as part of an effort to enhance the security of its widely employed messaging service ...

BootHole Shows Need for Greater Scrutiny

The recent BootHole and related vulnerabilities raise the question of whether software used for critical security functions should have special scrutiny. When a security operation fails the ramifications are considerable, especially when ...

Application Vulnerabilities Spike, .NET Applications Appear in the Attack Crosshairs

COVID-19 transformed businesses overnight. Suddenly, more than half of the workforce found themselves working from home and most businesses could no longer meet with customers and prospects in person. Those with mature ...

Security BSides Athens 2020 – Talk 12 – Sam Stepanyan’s ‘Introducing The OWASP Nettacker Project’

Many thanks to Security BSides Athens for publishing their tremendous Security BSides Athens 2020 Conference Videos. Enjoy! Permalink ...
Phishing Campaign Uses Internal Email to Trick Employees into Sharing Office 365 Credentials

A campaign targeting Office 365 customers used a compromised internal email for phishing messages, giving much more credence to an email that people would otherwise dismiss immediately. Phishing emails are a fact ...

Fast, Furious, and Scalable: Designing a High-throughput, Real-time Network Traffic Analyzer

These days, our focus is on spoiling our customers. For example, we give our DDoS Protection customers the peace of mind that their network traffic is routing through Imperva’s cloud for consistent ...
Securing Cookies with HttpOnly and secure Flags [Updated 2020]

Learn how to fight malware. Any program that runs can be disassembled, but that doesn’t mean it’s going to be easy. In this skills course you’ll learn ⇒ Anti-Debugging Techniques ⇒ Detecting ...