Authentication, Exercises, Open Source and Security

If You’re Only Doing WAF, You’re Doing API Security Wrong

ForAllSecure

FEBRUARY 15, 2023

In the rush to comply with various standards, such as addressing the OWASP Top 10 API , companies are looking at API security with renewed interest. Some organizations have begun using Web Application Firewalls (WAFs) to protect their APIs, but this isn’t a true solution to API security. Are WAFs Enough for API Security?

Security

Security Firewall Authentication Programming

ChatGPT could make bioterrorism horrifyingly easy

Vox

AUGUST 7, 2023

In a recent exercise at MIT, it took just one hour for ChatGPT to instruct non-scientist students about four potential pandemic pathogens, including options for how they could be acquired by anyone lacking the skills to create them in the lab, and how to avoid detection by obtaining genetic material from providers who do not screen orders.

Artificial Intelligence

Artificial Intelligence Tools Exercises Training

The Hacker Mind Podcast: Hunting The Next Heartbleed

ForAllSecure

NOVEMBER 24, 2020

In this episode I talk about how Heartbleed (CVE 2014-0160) was found and also interview Rauli Kaksonen, someone who was at Codenomicon at the time of its discovery and is now a senior security specialist at the University of Oulu in Finland, about how new security tools are still needed to find the next big zero day. Apple Podcasts.

Open Source

Open Source Tools Security Software

Webinars

Human-Centered Cyber Security Training: Driving Real Impact on Security Culture

Don’t Get Left Behind: Leveraging Modern Product Management Across the Organization

MORE WEBINARS

The Hacker Mind Podcast: Hunting The Next Heartbleed

ForAllSecure

NOVEMBER 24, 2020

In this episode I talk about how Heartbleed (CVE 2014-0160) was found and also interview Rauli Kaksonen, someone who was at Codenomicon at the time of its discovery and is now a senior security specialist at the University of Oulu in Finland, about how new security tools are still needed to find the next big zero day. Apple Podcasts.

Open Source

Open Source Tools Security Software

The Hacker Mind Podcast: Hunting The Next Heartbleed

ForAllSecure

NOVEMBER 24, 2020

In this episode I talk about how Heartbleed (CVE 2014-0160) was found and also interview Rauli Kaksonen, someone who was at Codenomicon at the time of its discovery and is now a senior security specialist at the University of Oulu in Finland, about how new security tools are still needed to find the next big zero day. Apple Podcasts.

Open Source

Open Source Tools Security Software

The Mayhem for API Difference - A ZAP - Mayhem for API Scan Comparison

ForAllSecure

SEPTEMBER 7, 2022

With the rapid development of modern web APIs, developers must balance quality, reliability and security with time to market. This means that there are any number of unknown issues of unknown severity hidden in every API that may lead to benign errors, or at worse, serious security holes. Clone the VAmPI source from GitHub: [link].

Comparison

Comparison Applications Tools Authentication

The Mayhem for API Difference - A ZAP - API Scan Comparison

ForAllSecure

SEPTEMBER 7, 2022

With the rapid development of modern web APIs, developers must balance quality, reliability and security with time to market. This means that there are any number of unknown issues of unknown severity hidden in every API that may lead to benign errors, or at worse, serious security holes. Clone the VAmPI source from GitHub: [link].

Comparison

Comparison Applications Tools Authentication

The Hacker Mind: Hacking IoT

ForAllSecure

APRIL 22, 2021

It seems everything smart is hackable, with IoT startups sometimes repeating security mistakes first made decades ago. How then does one start securing it? In 2013, researcher Nitesh Dhanjani found that a popular brand used simple MD5 hashes of the device's MAC addresses for authentication.

Internet

Internet Research Security Tools

The Hacker Mind: Hacking IoT

ForAllSecure

APRIL 22, 2021

It seems everything smart is hackable, with IoT startups sometimes repeating security mistakes first made decades ago. How then does one start securing it? In 2013, researcher Nitesh Dhanjani found that a popular brand used simple MD5 hashes of the device's MAC addresses for authentication.

Internet

Internet Research Security Tools

The Hacker Mind Podcast: Tales From A Ransomware Negotiator

ForAllSecure

MAY 30, 2023

Mark Lance, the VP of DFIR and Threat intelligence for GuidePoint Security, provides The Hacker Mind with stories of ransomware cases he’s handled. One other thing: the Conti source code was also leaked, allowing security companies to create their own decryption services for anyone infected with the Conti ransomware.

Authentication

Authentication Groups Backup Data

Decentralization in Sovrin

Phil Windley

OCTOBER 23, 2018

Our goal is for the Sovrin Network to be an open, public, decentralized utility for digital identity. Those three adjectives deserve some explanation: open —The Sovrin network is based on the open-source Hyperledger Indy project. The governance of the Sovrin Network should also be open.

Open Source

Open Source Network Architecture Government

Information Technology Zone

If You’re Only Doing WAF, You’re Doing API Security Wrong

ChatGPT could make bioterrorism horrifyingly easy

Webinars

Trending Sources

The Hacker Mind Podcast: Hunting The Next Heartbleed

Webinars

The Hacker Mind Podcast: Hunting The Next Heartbleed

The Hacker Mind Podcast: Hunting The Next Heartbleed

The Mayhem for API Difference - A ZAP - Mayhem for API Scan Comparison

The Mayhem for API Difference - A ZAP - API Scan Comparison

The Hacker Mind: Hacking IoT

The Hacker Mind: Hacking IoT

The Hacker Mind Podcast: Tales From A Ransomware Negotiator

Decentralization in Sovrin

Stay Connected