Builders vs Breakers: Bridging the Gap Between Software Development and InfoSec with Tanya Janca
Application security testing and assessment commonly occurs toward the end of the standard software development life cycle (SDLC). During this time, code reviews and penetration tests are done to ensure no security flaws or bugs are found in the application before it moves on to production. As much...
From heroes to deviants: Discussing the cultures of hacking with Gabriella Biella Coleman
When talking about hacker cultures, the media often blurs the lines between the act of hacking and criminality, inadvertently propping up stereotypes that plague the figure of the hacker. In reality, hackers feed into a socially and politically significant subculture with unique social and behaviora...
SecurityTrails Year in Review 2019
Now’s the time when we can take a thoughtful step back and reminisce about the events that have unfolded over the year. Please join us as we take a look at the many milestones, developments and innovations SecurityTrails has seen during the past twelve months.
#ProTips: Silence the noise with Andrew Morris
The Internet is a noisy place; those listening to it know that all too well. SOC teams keep busy with numerous threat protection products that generate countless security alerts, many uncontextualized, some downright pointless. And figuring out who’s behind those alerts is not easy.
#ProTips: Bug Bounty Hunting with Random Robbie
In addition to having a proven methodology, whenever you’re bug bounty hunting you always need to think critically, and find new ways to catch bugs first. And nobody is better at finding innovative ways of doing just that than Robbie Wiggins himself — also known as “Random Robbie.”
5 Subdomain Takeover #ProTips
We at SecurityTrails are happy to introduce a new blog series where we’ll be sharing tips and step-by-step research processes from the best security researchers around. You’ll get a glimpse into their methodology, the tools they use and much more, with ProTips!
From Scuba and Submarines to DDoS: Diving in with Jose Hernandez from Splunk
After a long day at work, what do you do when you come home? You might catch up on reading the latest tech trends and research, work on learning new programming languages, or any other activities that will advance your career. While this is all helpful for your professional life, having hobbies can be beneficial to every aspect of your life, including your career.
Accepting the Irrationality Of Biases in InfoSec: Interview with Kelly Shortridge
The human brain is incredibly complex and powerful, but as with everything powerful, it comes with its own set of limitations. As humans, we’re not always as rational in our decision making as we’d hope to be. It’s unreasonable to think InfoSec professionals are an exception to this rule.
Know Your Assets: Talking with Jonathan Cran from Intrigue
The constant risk of cyberthreats to organizations and their digital landscapes makes knowing your assets and the extent of your attack surface crucial. Reconnaissance is one of the first steps attackers will take to discover any unprotected and unmonitored assets, and use them as a means to gain access to your network.
Through a Data Scientist’s Lens: Interview with Ilija Subašić, PhD
For many, the job title of data scientist can seem a bit perplexing. What do they actually do? Is this really the sexiest job title of the 21st century? What makes their perspective on data so different than our non-data perspective? Today, we ask SecurityTrails’ Lead Data Scientist to find out.