If you are in the security or networking industry, there is no doubt that you’ve been hearing the latest Gartner inspired buzz word being dropped in conversations with your colleagues, customers, and vendors alike. In case you haven’t already guessed, I am referring to SASE (pronounced “sassy”).
Your penetration testing report is the security passport for your product and services to the world. It demonstrates the validation of your security controls and cybersecurity strategy at a wider level.
2021 is off to a stellar start for Calligo. At the Digital Jersey Tech Awards 2020 virtual awards evening, Calligo was announced as the Digital Growth Business of the Year for its achievements throughout last year, while Julian Box was named the Digital Leader of the Year. Calligo was named Digital Growth Business of the Year because of its growth in five key areas: UK expansion A fourth acquisition was also completed in 2020, this time in the UK.
Our Crowdsource ethical hacker community has been busy sending us security updates, including 0-day research. For Asset Monitoring, we now push out tests more frequently at record speed within 25 minutes from hacker to scanner. Due to confidentially agreements, we cannot publicize all security update releases here but they are immediately added to our scanner and available to all users. The following are some of the security vulnerabilities reported by Detectify Crowdsource ethical hackers.
Sensitive data exposure is #3 in the current OWASP top Ten Most Critical Web Application Security Risks.
Data breaches are becoming increasingly common, and one factor driving this escalation is the fact that today’s IT systems are integrated and interconnected, requiring login information from multiple parties and services. In response, Amazon Web Services has launched the AWS Secrets Manager, a service designed to help organizations get a handle on these “secrets” by storing and accessing them in a secure way.
The npm Registry is vulnerable for supply chain impersonation attacks. Make sure you create npm scoped packages and force exclude patterns.
On January 28, 2021 the dark web community was informed that “ValidCC”, one of the leading marketplaces for compromised payment card details, was unexpectedly closing its services for good. This happened less than a month after “Joker’s Stash”, another popular dark web payment card marketplace, announced its retirement.