
Advancing Application Delivery

Are you in an organization implementing Continuous Delivery? Are you a manager who wants to see your applications respond at the pace of the market - or better, be in front of ...

Tale of a Wormable Twitter XSS

This is a tale of how we found a wormable XSS on Twitter, and how we managed to fully bypass their CSP policy. The post Tale of a Wormable Twitter XSS appeared ...

Penetration Testing for the Cloud – How it is different?

If you are working in the cyber security industry, you will be familiar with terms like application penetration testing, network.. The post Penetration Testing for the Cloud – How it is different? ...

Integrating OWASP ZAP in DevSecOps Pipeline

Security and innovations have often been at contrast positions when it comes to the development of new products and services... The post Integrating OWASP ZAP in DevSecOps Pipeline appeared first on BreachLock ...

Webinar Q&A from Modern Network Threat Detection and Response

As promised, here is my lightly edited Q&A from a recent webinar called “Modern Network Threat Detection and Response.” Questions about vendors are removed, and some are edited for clarity. Q: I ...

Securing Apps When User Devices Are Compromised

Corporate networks and user PCs continue to be exploited—leaving your sensitive applications and data vulnerable. Network segmentation is a fundamental way to mitigate the risks associated with these vulnerabilities—but it only works ...

Access to Applications Based on a « Driving License » Model

More and more countries are modifying their policies with a new “driving license” model. With a classic license model, drivers can be caught frequently; they just have to pay a huge amount ...

2012 Redux: What Is Application Security Monitoring?

Now, when you hear a phrase “application security monitoring”, what picture comes to mind? For me, nothing does… As I said in February 2012, “the industry has not yet figured out what ...

Privacy: When the Application Exceeds its Brief

The recent imbroglio surrounding Facebook and its Android application exceeding its brief caught the attention of all users. In other words, the application was requesting access to information on your device that ...
Security Boulevard