Syndicated Blog

Shape Security Blog
Highlighting breaking news, events, and analyst commentary on cyber security from around the world
5 Rando Stats from Watching eCrime All Day Every Day

5 Rando Stats from Watching eCrime All Day Every Day

| | Security Trends
David Holmes here, cub reporter for Shape Security. While I’m luxuriating in United Airlines steerage class, our crack SOC team is back at HQ slaving away over their dashboards as tidal waves ...

ES2019 features coming to JavaScript (starring us!)

| | Browsers, Shape Engineering
Shape Security has been contributing actively to TC39 and other standards bodies for the past 4 years but this year is special for us. A significant portion of the features coming to ...
Lessons Learned from 2018 Holiday Attacks: No Rest for the Wicked

Lessons Learned from 2018 Holiday Attacks: No Rest for the Wicked

| | Shape Perspectives
Scrooge would approve—attackers work on Christmas Eve, and now on New Year’s Eve, too We at Shape Security defend the world’s top banking, retail, and travel websites. And while you might be ...
Testing Robustness

Extreme Cybersecurity Predictions for 2019

| | Security Trends
Prediction blogs are fun but also kind of dangerous because we’re putting in writing educated guesses that may never come true and then we look, um, wrong. Also dangerous because if we’re ...
Reverse Engineering JS by example

Reverse Engineering JS by example

| | Security Trends
flatmap-stream payload A In November, the npm package event-stream was exploited via a malicious dependency, flatmap-stream. The whole ordeal was written up here and the focus of this post is to use ...
Who should own the burden of security?

The Best of Shape Security 2018

| | Security Trends
Focus on the Good Things There are already too many blogs focusing on the bad things that happened this year. Focusing on the bad things in life makes you miss the good ...
Better Together: Partnering with Okta

Better Together: Partnering with Okta

| | Security Trends
Every day, nearly 10 million valid credentials fall into the hands of criminals, fueling massive amounts of fraud. Shape’s new partnership with Okta aims to eliminate this fraud by providing Okta customers ...
™

Shape Honored As Fastest Growing Company in Silicon Valley by Deloitte’s 2018 Technology Fast 500

| | Security Trends
Today Shape was recognized as the fastest-growing company in Silicon Valley and the third-fastest growing company in the U.S. by Deloitte’s Technology Fast 500™, a ranking of the 500 fastest growing technology, ...

Look, Ma, No Passwords: How & Why Blackfish uses Bloom Filters

When NIST issued guidelines in 2017 advising organizations to check new users’ credentials against a password “breach corpus,” one of the first questions was how to ensure the breach corpus itself didn’t ...
Screen Shot 2018-09-13 at 10.46.26 AM

Intercepting and Modifying responses with Chrome via the Devtools Protocol

| | Shape Engineering
At Shape we come across many sketchy pieces of JavaScript. As part of our everyday routine, we dive into them head first to understand what they’re doing and how. The scripts might ...
Loading...