Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Videos

Winning the battle against vulnerabilities with an EASM tool

A webinar focusing on managing external attack surfaces in the context of rapidly changing and growing company infrastructures. The session, hosted by Johanna Ydergård, VP of Product at Detectify, includes a presentation and a Q&A panel. The discussion emphasizes the need to understand what companies expose to the internet and the importance of securing these exposures.

Understanding pentesting vs an automated hacker-powered tool

Penetration testing is a vulnerability detection mechanism that uses multistep and multivector attack scenarios to find vulnerabilities and attempts to exploit them. While some companies might be continuously pentesting, others don’t at all, this is often due to lacking security culture, budget limitations, or both.

Is the perimeter dead?

This question still triggers some interesting discussions among security professionals. Does the perimeter still exist, or has it become impossible to outline due to the immense asset list and expansion of an organization’s attack surface? Included by Gartner in 2021 as a major cybersecurity category and an emerging product, the External Attack Surface Management (EASM) term might be new. Still, the idea behind it is nothing new: identifying risks coming from internet-facing assets that an organization may be unaware of.

What are organizations doing wrong when it comes to security?

What are organizations doing wrong when it comes to security? While today’s code-quality security is good, the sharing between each domain or principle is lacking, such as using infrastructure as code. Some people have become lazy, using other people’s templates and sometimes without knowing the security details. There is no technical depth (the rule now is; if it works, it works). Security metrics are valued by the exploitation that happens. We learn by being hacked, and that is not how it should work.

Detectify, an ethical hacker powered EASM solution.

Hacking yourself is the only way to protect your attack surface Explore the full breadth and depth of your external attack surface with Detectify. Find out what Internet-facing assets you're exposing, how to fix their vulnerabilities and anomalies, and accurate guidance on what you should improve and prioritize first.

Hack Yourself Stockholm 2021 - David Jacoby, Jesper Larsson, Mathias Karlsson, and Shane Murnion

A recording of a panel discussion from Hack Yourself Stockholm 2021 on the theme of attack surface management. Hear the panelists discuss what organizations can do to find and better protect their external attack surface. Featuring security experts from: David Jacoby - Deputy Director for the European Global Research and Analysis Team, Kaspersky Jesper Larsson - Freelance IT-Security Researcher & Penetration Tester Mathias Karlsson - Head of Technical Security, Kivra Shane Murnion - Security Specialist, Skandia.

Detectify expands coverage for public APIs (in development)

Our security researchers happen to be talented bug bounty hunters as well as the brains behind of Detectify's efforts to develop a leading-edge API security scanner. Why is developing a reliable API security tool so challenging? It's because every API is different, which means it’s challenging to have a standardized approach to security testing on APIs. Almroth states that the team will focus on developing an API security scanner that focuses on server-side vulnerabilities. Both share that this is going to use fuzzing techniques.