Giving Back to the Community with Ben Bidmead aka pry
Collaboration and human connection are significant trends in cybersecurity. A vast and fluctuating cyber threat landscape means new challenges and vulnerabilities are always just around the corner. Sharing knowledge, techniques, and skills empowers cybersecurity professionals and practitioners to thwart cyber-attacks and minimize risks.
IP Reconnaissance for Bug Bounty Hunters with SurfaceBrowser™
IP reconnaissance is often the base and a starting point of any security research or bug hunt. This is simply because scanning any IP address can lead you to an individual host in question—and once you’ve found the host, the possibilities are limitless. From there you may find running services, open ports, databases, unsecured files and much more. Everything begins with finding and scanning the IP address.
10 Popular Bug Bounty Programs in 2021
Surprisingly, crowdsourced security testing has been around for quite some time. As early as 1995, Netscape Communications Corporation introduced the first technology bug bounty program, “Netscape Bug Bounty”.
Host Discovery Tips for Bug Bounty Hunters with the SecurityTrails API
Despite a growing corpus of dire predictions and research surrounding the state of information security at large, companies continue to expand their digital footprint to encompass a vast array of cutting edge, yet often dissimilar, architectures. From a historical perspective, there is nothing new under the sun at play here; after all, information technology patent citations have steadily dominated those of adjacent industries at least since the 1970s, creating a constant influx of knowledge spillover and innovation that accounts for the exponential growth.
Channeling the Wisdom of the Crowd: Talking with Intigriti’s Stijn Jans and Inti De Ceukelaire
With the boom of data-driven organizations and the adoption of technological advancements, cybersecurity threats are also getting more sophisticated. The fast-changing nature of cybersecurity and the sheer amount of threats and vulnerabilities requires organizations to stay on top of protecting their assets and data from attackers.
It’s Here: Bug Bounty Hunting Month Has Arrived
The wait is finally over—SecurityTrails Bug Bounty Hunting Month has officially started!
10 Backend Security Risks and Tips on How to Prevent Them
With modern web applications’ backends consisting of multiple servers, containers running different applications (often built from templates), and numerous software services being run, including web servers, databases, web proxies, and the like, you can see how vital it is to ensure every single part of the backend. Otherwise, your entire web application’s safety and security is at risk.
Trojans: Definition, Types and Protection
Some cybersecurity threats are so old-school that you don’t really hear that much about them—and they might even appear to slow down over the years. But since the beginning of the COVID-19 pandemic, threat actors and malware authors have been finding new ways to exploit the situation the world has found itself in. One of the most common tactics we’re seeing is the use of trojans.
Axiom: A Distributed Hacking Framework for Pentesters and Red Teamers
With the arrival of the concept known as dynamic cloud a few years ago, leaders in the computing and security industries immediately seized the opportunity. Not only did this new paradigm offer flexibility and scalability, its dynamic nature also entailed a more diverse portfolio of applications and similar consumables, readily available and masterfully presented as a single, coherent platform. To security practitioners, and to penetration testers in specific, this newfound agility forever transformed the traditional in-house penetration-testing ecosystem into an entirely dynamic framework.
Building a Career in Incident Response With Cybersec Meg
Cybersecurity is one of the fastest-growing industries, while cybersecurity professionals are some of the most valuable workers of any organization, regardless of the industry. There is some talk of a cybersecurity skills gap that claims a shortage of professionals, but is that true? Or is gatekeeping dictating unrealistic expectations for entry-level positions, making it harder for newcomers to break into the industry?