Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Survivorship bias, growing attack surface and finding your weakest links

Detectify co-founder and expert bug bounty hunter Fredrik Nordberg Almroth (@almroot) recently spoke at Hack Your Stockholm, our first in-person event after a 2-year hiatus, addressing the issue of the growing attack surface of companies and how it is the most pressing issue facing CISOs today. He recaps his thoughts in this post.

Detectify announces new product names

STOCKHOLM, SWEDEN – Detectify, the SaaS security company powered by ethical hackers, announces new product names for the core products developed for security teams defending medium to large enterprise companies. On November 11th, the product names will be switched from Asset Monitoring to Surface Monitoring, and where you previously saw Deep Scan you will now see Application Scanning.

Crowdsourced security is now a need, not a nice to have

It takes a crowd to secure the attack surface. Detectify collaborates with the Crowdsource ethical hacker community to power a fully automated external attack surface management solution. This is a guest blog post from Crowdsource hacker Luke “hakluke” Stephens on why he believes crowdsourced security is now a necessity.

Debunked: Is a subdomain takeover 'game over' for companies?

When was the last time you checked DNS configurations for subdomains pointing at services not in use? According to Crowdsource ethical hacker Thomas Chauchefoin, while expired and forgotten subdomains can easily become an entrypoint for an attacker to steal sensitive data, a robust attack surface management programme in place can keep them at bay.

What's the difference between Attack Surface Monitoring and Vulnerability Scanning?

Detectify is driving the future of internet security with automation and crowdsourcing hacker research. It’s focused on helping companies detect anomalies in their web attack surface at scale, and creative automated hacks in the web app layer in time.

Ethical hacker shares top tips to protect your attack surface

The underrated threat of domain takeover and hacking a firm’s internal and external attack surface can enable malicious actors to circumvent many advanced website protection mechanisms. However, Detectify Crowdsource hacker Jasmin Landry says that deploying an external attack surface management (EASM) system can help beef up your security before a malicious hacker wreaks havoc on your company. A common aphorism in cybersecurity is that there’s no such thing as perfect security.

Staying sane in cybersecurity and dealing with burnout

World Mental Health Day is recognized annually on October 10. At Detectify, we witness the fast pace of cybersecurity each day and to keep up we sometimes need to slow down. We recognize the important of mental health and this year, we asked Crowdsource hacker and founder of Haksec, Luke “Hakluke” Stephens, to share how he manages stress to avoid burnout as a cybersecurity professional.

Meet a Hacker Hero - Eva Galperin

When we asked the security community who is their hacker hero, it was unsurprising to see that Eva Galperin, Director of Cybersecurity at EFF and co-founder of the Coalition Against Stalkerware was a finalist on the list. Galperin is a hacktivist known for her rage tweets that help her fight the good fight to protect vulnerable groups being targeted. Most known for her work to track down APTs, she also champions personal privacy and taking down stalkerware. Oh and she’s done a TED talk.