HackDig : Dig high-quality web security articles for hackers

Microsoft Releases Open Source Fuzzing Framework for Azure

Microsoft on Tuesday announced the release of Project OneFuzz, an open source fuzzing framework for Azure that the tech giant has been using internally for the past year to find and patch bugs.Fuzzing is used to find vulnerabilities and other bugs in software by injecting malformed data into the targeted application to see if it crashes or behaves unexpected
Publish At:2020-09-15 12:54 | Read:123 | Comments:0 | Tags:NEWS & INDUSTRY Application Security Vulnerabilities

Developer Security Firm Snyk Raises $200 Million at $2.6 Billion Valuation

Boston-based developer security company Snyk on Wednesday announced that it has raised $200 million in a Series D funding round, valuing the firm at more than $2.6 billion.The latest funding round, which brings the total raised by Snyk to $450 million, was led by Addition, with participation from previous investors Accel, Amity, Boldstart, Canaan, Coatue, GV
Publish At:2020-09-09 12:12 | Read:202 | Comments:0 | Tags:NEWS & INDUSTRY Application Security Cloud Security Mana

Fastly to Acquire Web Application Security Firm Signal Sciences for $775 Million

Content delivery network (CDN) provider Fastly (NYSE: FSLY) announced on Thursday that it has agreed to acquire web application security firm Signal Sciences for approximately $775 million in cash and stock. Founded in 2014, California-based Signal Sciences provides web application firewall (WAF) and runtime application self-protection (RASP) technologi
Publish At:2020-08-27 11:38 | Read:217 | Comments:0 | Tags:NEWS & INDUSTRY Application Security security

Leverage Automation Successfully as Part of a Broader SOAR Strategy

In a previous article, we explored common misconceptions about automation and the realities of using automation to improve security. This article discusses automation best practices as part of an overall Security Orchestration, Automation and Response (SOAR) strategy. Being fully aware of the pitfalls of automation helps frame best practices and provide gre
Publish At:2020-08-26 13:16 | Read:290 | Comments:0 | Tags:Application Security Mobile Security Network SOAR Automation

Adobe Open Sources Tool for Sanitizing Logs, Detecting Exposed Credentials

Adobe has made available in open source a tool designed to identify randomly generated strings in any plain text.Dubbed Stringlifier, the tool was written in Python and leverages machine learning to differentiate random character sequences from normal text sequences.The open-source project should prove helpful when analyzing security and application logs, or
Publish At:2020-08-21 11:12 | Read:174 | Comments:0 | Tags:NEWS & INDUSTRY Application Security

Pentest-as-a-Service Company Cobalt Raises $29 Million

Pentest-as-a-Service (PtaaS) company Cobalt announced on Thursday that it has raised $29 million in a Series B funding round.The funding round, which brings the total raised by the firm to $37 million, was led by venture capital firm Highland Europe, with participation from several angel investors. Cobalt says it will use the money to improve its platform an
Publish At:2020-08-20 12:15 | Read:171 | Comments:0 | Tags:NEWS & INDUSTRY Application Security Vulnerabilities Man

Adaptive Shield Emerges From Stealth to Secure SaaS Applications

With $4 million in seed funding, Adaptive Shield this week emerged from stealth mode to automate the security of software-as-a-service (SaaS) applications.The Tel Aviv, Israel-based startup seeks to tackle the issue of incorrect configuration of SaaS applications, which can expose them to cyberattacks, data leaks, and other risks.SaaS security configuration
Publish At:2020-08-14 16:12 | Read:151 | Comments:0 | Tags:NEWS & INDUSTRY Application Security Cloud Security Mana

Legacy Systems: Seven Things to Know When Sunsetting

Nothing lasts forever. That’s true for cars, devices, even a favorite sweatshirt or pair of jeans. But it is especially true for information technology (IT).  Legacy IT systems stick around in business settings for three main reasons: organizations don’t have the budget to upgrade, teams need to be able to access critical legacy application
Publish At:2020-08-13 09:08 | Read:333 | Comments:0 | Tags:Application Security Network Software & App Vulnerabilities

SASE Provider Perimeter 81 Raises $40 Million

Secure Access Service Edge (SASE) and Network-as-a-Service (NaaS) solutions provider Perimeter 81 has closed a $40 million Series B funding round that brings the total raised by the company to $65 million.Founded in 2018 and headquartered in Tel Aviv, Israel, the startup provides a cloud-based Security-as-a-Service (SaaS) solution that aims to secure access
Publish At:2020-08-13 00:19 | Read:191 | Comments:0 | Tags:Network Security NEWS & INDUSTRY Application Security Id

Facebook Open Sources Analysis Tool for Python Code

Facebook has announced the availability of Pysa (Python Static Analyzer), an open-source tool designed for the static analysis of Python code.The security-focused tool relies on Pyre, Facebook’s type checker for Python, and allows for the analysis of how data flows through code. It can be used to identify issues related to the protection of user data, as wel
Publish At:2020-08-11 02:52 | Read:189 | Comments:0 | Tags:NEWS & INDUSTRY Application Security Management & St

Securing Cookies with HttpOnly and secure Flags [Updated 2020]

Learn how to fight malwareAny program that runs can be disassembled, but that doesn’t mean it’s going to be easy. In this skills course you’ll learn⇒ Anti-Debugging Techniques⇒ Detecting Debuggers⇒ Anti-DisassemblyStart your free trialIntroductionSecuring cookies is an important subject. Think about an authentication cookie. When the attacker is
Publish At:2020-08-10 09:51 | Read:231 | Comments:0 | Tags:Hacking application security feature

Network Design: Firewall, IDS/IPS

IntroductionThere are many different types of devices and mechanisms within the security environment to provide a layered approach of defense. This is so that if an attacker is able to bypass one layer, another layer stands in the way to protect the network. Two of the most popular and significant tools used to secure networks are firewalls and intrusi
Publish At:2020-08-04 15:05 | Read:206 | Comments:0 | Tags:Application Security feature network security

DDoS Attacks Increase in Size, Frequency and Duration

Distributed denial of service (DDoS) attacks are increasing in size, frequency and duration. Kaspersky Lab reported a doubling of DDoS attacks in the first quarter of 2020 compared with the fourth quarter of 2019, plus an 80% jump compared with the same quarter last year. Kaspersky also found that DDoS cyberattacks are increasing in duration. Average attack
Publish At:2020-07-30 19:37 | Read:282 | Comments:0 | Tags:Advanced Threats Application Security Cloud Security Data Pr

Industrial Cybersecurity Firm Claroty Releases Open Source Database Parser

Industrial cybersecurity firm Claroty this week announced the availability of AccessDB Parser, an open source tool that allows researchers to analyze Microsoft Access database files associated with SCADA applications.AccessDB Parser was initially developed to improve the scanning capabilities of Claroty Continuous Threat Detection (CTD)’s Application DB (App
Publish At:2020-07-16 03:11 | Read:274 | Comments:0 | Tags:NEWS & INDUSTRY SCADA / ICS Application Security

Zero Trust in 2020: More Important Than Ever Before

In a perfect world, all organizations would implement Zero Trust for its inherent security benefits. In today’s uncertain environment, every security strategy that mitigates risk is critical, and the role of Zero Trust is even more relevant in the work-from-home era. By nature, employees’ home environments are more vulnerable with a higher likelihood o
Publish At:2020-07-15 12:51 | Read:324 | Comments:0 | Tags:Cloud Security Data Protection Risk Management Zero Trust Ap


Tag Cloud