application

Apple Suit Underscores Privacy Regulation Pressure
A lawsuit recently filed against Apple for violating the California Invasion of Privacy Act underscores not only that regulators are serious about holding companies to privacy strictures but also that companies that ...

Sandbreak vm2 Flaw is a 10 But Exposes Vulnerability of Sandboxes
As vulnerabilities go, the Sandbreak vm2 flaw is potentially as severe as it gets, snagging a 10.0 CVSS score. The bug, CVE-2022-36067, should be immediately patched if it’s used with applications, ...

API Penetration Testing Explained
API pentesting is a frequently misunderstood area of application security. Let's review core concepts of API pentesting and look at how these assessments are performed. The post API Penetration Testing Explained appeared ...

Safeguarding Memory in Higher-Level Programming Languages
Consider an application written in a higher-level language like Python, NodeJS, or C#. This application must handle sensitive data such as banking credentials, credit card data, health information, or network passwords. The ...

Getting Application Security Back on the Rails
In its Interagency Report 7695, the National Institute of Standards and Technology (NIST) defined an application as “a system for collecting, saving, processing, and presenting data by means of a computer.” This ...

HIPAA Penetration Testing – A Primer for Healthcare Security
Curious about what HIPAA requirements mean for your pentest? Let's review some technical examples of why pentesting in healthcare is so unique. The post HIPAA Penetration Testing – A Primer for Healthcare ...

Black Box vs. Gray Box vs. White Box Pentesting Explained
Black Box, Gray Box, and White Box pentests have pros and cons. Here we lay out all the differences to help you decide which one fits best. The post Black Box vs ...

AWS Penetration Testing: Essential Guidance for 2021
Pentesting on AWS can be difficult. With this guide you can ensure your pentest gets off to a successful start. The post AWS Penetration Testing: Essential Guidance for 2021 appeared first on ...

Developing Like A Pentester – (And How To Reproduce Any Vulnerability)
Reproducing the vulnerabilities documented in a pentest report is a common engineering pain point. But aligning developer skills with the tooling used during the pentest can help confirm issues faster, and deploy ...

Tips From a Hacker to Keep Smartphones Safe
We can do many things using our mobile devices: hail a taxi, book a hotel, send and receive money, purchase goods online or in-store, chat and share media files, control other devices ...