Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Climbing the Vulnerability Management Mountain: Gearing Up and Taking Step One

As I discussed in the first blog in this series, the purpose of this series is to guide you on your journey up the Vulnerability Management Mountain (VMM). Like climbing a mountain, there is a lot of planning and work required, but when you get to the top, the view is amazing and well worth the journey. For the first phase, let’s start by planning the trip up Vulnerability Mountain. When you get ready to climb a mountain, you need gear, and you need to know what to ask for at the store.

Content Security Policy (CSP) explained including common bypasses

We have written about Content Security Policy (CSP) on Detectify Labs before. But maybe you’re wondering why should you have it on your site to begin with? This article will explain why having one can prevent header exploits with attributes and common bypasses. CSP is a response header that instructs the web browser from what sources it is allowed to include and execute resources from.

Apple says its Walkie-Talkie app could be exploited to spy on iPhones

Apple has chosen to temporarily disable a key feature of the Apple Watch after a critical vulnerability was discovered that could allow someone to eavesdrop on another person without their knowledge. The Apple Watch feature at the heart of the problem is Apple’s Walkie-Talkie app which allows users to “push to talk” with other Apple Watch owners via a real-time voice message, rather than having to make a call or laboriously type a text message.

Are Your Employees Watching Netflix at Work?

Workplace productivity is directly related to company profitability. Employers are seeking more and more ways to cut waste – including wasteful activities that eat into productivity. Many companies would immediately agree that playing video games, spending excessive time on social media and streaming videos are blatant violations of workplace acceptable use policies.

What is Chaos Engineering in penetration testing?

Being proactive is the key to staying safe online, especially for businesses and organizations that operate websites and mobile applications. If you wait for threats to appear, then in most cases it is too late to defend against them. Many data breaches come about this way, with hackers uncovering security gaps that had gone previously undetected. The average web developer wants to assume that their code and projects will always function in the intended manner.

Alternate Data, a catalyst in creating Digital Identity

Identity verification is the first and significant part of any business transaction. Traditionally, businesses have been relying on tacit agreements and physical copies of Government approved identity documents for stakeholder identification and verification. As the world gets smaller, thanks to digitisation and technological advancements, businesses are presented with a wonderful opportunity of interacting and transacting with individuals in any corner of the world.

How Do You Protect Your Children When They Go Online?

When you are thinking about a very special holiday gift for your kid, one of the first things that spring to mind is a smartphone, tablet or laptop. It’s common knowledge that these devices aren’t very useful unless connected to the Internet. But how do you make sure your children are on the safe side when they go online? According to studies, kids spend more than nine hours a day surfing the web. That’s a lot of time, isn’t it?

What is a SIEM Use Case?

In regard to rising trends and forms of attacks, a growing number of organizations opt for SIEM solutions so that they can provide a proactive measure for threat management and also acquire a detailed and centralized view of the overall security measures of their organization. Since SIEM is the foundation of a security infrastructure, there are large varieties of SIEM use cases.