Server-side request forgery, aka SSRF, is a vulnerability that enables an attacker to use a vulnerable server as a proxy to make HTTP requests on the attacker's behalf. SSRF vulnerabilities are regularly used to target internal services that sit behind a firewall and are not directly exposed to the public.
The security world is changing rapidly and we are slowly reaching another huge milestone. Not a very happy one, though: manual security operations are no longer sufficient. This is a little bit painful to admit, but the fact remains: if you rely on the manual labour of CTOs, CISOs and their teams to react to an incident, then you are in for a very rude awakening.
“Blues” like to work on protecting infrastructure and business cases they might have never seen before. “Red” penetration testers enjoy getting their teeth into new frameworks and, boy, do they enjoy trying social engineering on young ambitious people (probably too much as well). It was a great pleasure to have Ronald Hindriks, Co-founder and Ops leader of Jobbatical, join me for a fireside chat about security and start-up challenges.
There is a wide range of offerings in the field of SIEMs. Most of them do not come cheap, and the internet is filled with horror stories of SIEM projects that started off on the wrong foot. The topic itself can be overwhelming. Which solution to choose and what to log?
As information security risks become more apparent to companies, many have started dedicating more time to fighting them. But no amount of money spent on firewalls, anti-virus, cloud security, etc. can demonstrate this dedication to your customers.
“We got hacked” is a sentence that a cybersecurity provider should never say if it wants to stay in business… but here is our story!
Cybersecurity-related scary stories bring out all the myths and beliefs you, as a manager, have about IT and security. We would like to address some common ones and try to dispel them for good.