Security

Learn how to transform your code with custom CodeQL queries that empower you to surface security vulnerabilities and discover new insights.

Explore Deno and Node.js differences. Learn about Deno's enhanced module system, stable APIs, and security. Discover its use cases and drawbacks in the tech world.

Preparing for the unexpected is much easier said than done. In the case of cyberattacks, many companies have vulnerabilities in their defenses and reactions they haven’t prepared for that hackers will test. Many organizations can benefit from instituting fire drills and tabletop exercises, which test a company’s response plan at every level. These exercises will almost certainly reveal gaps in security, response plans, and employees’ familiarity with their own roles. While investing in external facilitators for these exercises will often allow for a more rigorous test separate from internal dynamics, there is guidance for organizations who wish to execute internal exercises to better prepare for a cyberattack.

In this post, I am going to show the readers how I was able to abuse Akamai so I could abuse F5 to steal internal data including authorization and session tokens from their customers.

The 10 types of authorization and how to identify them.

We analyzed data from thousands of organizations to understand the latest trends in cloud security posture.

A collection of real world AI/ML exploits for responsibly disclosed vulnerabilities - GitHub - protectai/ai-exploits: A collection of real world AI/ML exploits for responsibly disclosed vulnerabil...

Learn how to write your first policy as code rules in Rego. This Rego tutorial for beginners covers the basics of Rego syntax and using OPA.

This article outlines cybersecurity challenges such as vendor security and the rise of IoT. Solutions include real-time intelligence and cyber-insurance.

Introduction DevOps has been rapidly evolving in the software development landscape, and from the cornerstone Docker has emerged. Its ability to package applications into portable, scalable containers has taken deployment strategies to the next level. However, with this power, comes the responsibility of securing the containers. In this blog, we dive deep into advanced techniques and best practices for securing Docker containers, ensuring your deployments are not just efficient but also fortified against a variety of cyber threats.

At Fox-IT (part of NCC Group) identifying servers that host nefarious activities is a critical aspect of our threat intelligence. One approach involves looking for anomalies in responses of HTTP se…

For at least two years now I have been complaining about the lack of Artificial Intelligence (AI) Security resources. I complain about many…

CSS fingerprinting, no JS required!