Passbolt partnered with Quarkslab to conduct a penetration test and assumed breach assessment of Passbolt Cloud solution.

What was tested?
Evaluated API security, backend controls, and safeguards against unauthorized actions.
Simulated an internal attack to assess resilience against an adversary with server access.

Read more on the blog article: https://hubs.li/Q039csDh0

Only a few days left to register for our February 27th Penetration Testing for IT Pros one-day virtual class! Learn how to find cybersecurity gaps before the #hackers do. Pentest experts @tompohl and @MDurrin will teach you the latest #pentesting techniques, how to identify and mitigate vulnerabilities, and more!

Register: https://www.lmgsecurity.com/event/penetration-testing-for-it-pros-one-day-class/

Die 6. Folge unseres Podcasts ist da!

In dieser Episode dreht sich alles um Red-Team-Assessments. Wir gehen der Frage nach, warum sie so wichtig sind und wie sie die Sicherheit Deines Unternehmens deutlich verbessern können.

Wir stellen vor, welchen ganzheitlichen Ansatz ein Red-Team-Assessment verfolgt und wie es die technischen, physischen und menschlichen Schwachstellen eines Unternehmens identifiziert und ausnutzt. Zudem geben wir Dir einen detaillierten Überblick über den Ablauf eines Red-Team-Assessments und erklären die verschiedenen Aufgaben des Red-Teams, des Blue-Teams und des White-Teams.

Höre gerne rein:

Spotify: https://open.spotify.com/show/63K9JjKKOdewLx2Ma0DuNE

Apple Podcast: https://podcasts.apple.com/de/podcast/it-security-inside/id1751424875

Unserer Website: https://cirosec.de/podcast/

Last chance to save $100 on our February 27th Penetration Testing for IT Pros one-day virtual class! Learn how to find cybersecurity gaps before the #hackers do. Pentest experts @tompohl and @MDurrin will teach you the latest #pentesting techniques, how to identify and mitigate vulnerabilities, and more! Register: https://www.lmgsecurity.com/event/penetration-testing-for-it-pros-one-day-class/

An ounce of prevention is worth a pound of cure. Empower your IT team with the skills they need to stay ahead of cyber threats.

Register now to save $100 on our February 27th Penetration Testing for IT Pros one-day virtual class, and dive into the world of ethical hacking and vulnerability discovery. Taught by pentest experts @tompohl and @MDurrin, your team will learn the latest pentesting techniques, how to identify and mitigate vulnerabilities, and more! https://www.lmgsecurity.com/event/penetration-testing-for-it-pros-one-day-class/

[鐵人修煉_1]-PT的分類 - iT 邦幫忙::一起幫忙解決難題，拯救 IT 人的一天
https://ithelp.ithome.com.tw/articles/10214236

哦哦滲透測試 #PenetrationTest

Selbstheilende Testfälle ein technischer Mythos oder Realität?
Selbstheilende was......

https://youtu.be/dJObuTlabn0

Nun erst mal ja, es gibt technische Möglichkeiten, selbstheilende Test
https://www.dev-crowd.com/2024/10/24/selbstheilende-testfaelle-ein-technischer-mythos-oder-realitaet/
#Mocking #MutationTesting #OwaspZap #Penetrationtest #Python #RegressionsTest #Requests #RestAPI #Sandboxtesting #Scapy #Security #Selenium #Server #SystemTestNetzwerk #Testframework #Webdriver

Die Sicherheit von IT-Systemen ist von entscheidender Bedeutung bei zunehmender Digitalisierung. Angesichts der ständig wachsenden Anzahl von Bedrohungen und Angriffen ist es daher unerlässlich, proaktive Massnahmen zu ergreifen, um die Sicherheit Ihrer Systeme zu gewährleisten. In diesem Artikel werden wir die Rolle von Penetrationstests in der IT-Sicherheit genauer betrachten.

https://www.goldingerit.ch/blog-single?name=die-rolle-von-penetrationstests-in-der-it-sicherheit-schwachstellen-aufdecken-und-schutz-verbessern

#penetrationtest #it-security #sicherheitslücken #cybersecurity

Moderne Regressionstests in der Cybersicherheit: Ein Paradigmenwechsel – Teil 1 neuer Ansatz, neuer Workflow

https://www.dev-crowd.com/2024/08/10/moderne-regressionstests-in-der-cybersicherheit-ein-paradigmenwechsel-teil-1-neuer-ansatz-neuer-workflow/
#Engineering #Mocking #MutationTesting #OwaspZap #PenetrationTest #Penetrationtest #Programmierung #Python #RegressionsTest #Requests #RestAPI #Sandboxtesting #Scapy #Security #Selenium #SystemTestNetzwerk #TestEngineering #Testframework #Testl

Sometimes you see sad stuff during a #penetrationtest. This one is just funny.

```
HTTP/1.0 200 OK
Content-Type: application/json
Connection: close
Content-Length: 15637

<html>
<head>
<title> 404 - Page not available </title>
</head>
```
#informationsecurity #infosec #pentest #pentesting #html #http #coding #security

Alright Infosec Exchangers: Go forth and email/call/whatever your MPs and let them know that these clauses in bill C-70 which criminalize software are hugely problematic.

#RedTeam #CanPoli #OpenSource #AppSec #PenTest #PenetrationTest

https://canadiancyber.substack.com/p/bill-c-70-creates-legal-liabilities

Apparently, by default, the installer for Heroku CLI adds the path "%LOCALAPPDATA%/heroku" to the "Windows Defender exclusion".

So it might be that the path won't be scanned for threats and malware.

Good morning #Fediverse. Hope your weekend was great and you had a nice relaxing time.

Let’s kick off the week with our #KoffeeWithKyle chat. For today, let’s discuss what we have planned for today and the week ahead.

For me, just the usual work stuff. Have to check into this PenTest assessment as it’s still going and has not finished. Also didn’t get to do what I wanted this weekend.

This vPenTest from Vonahi is still running…from yesterday. I know it was going to take awhile but dang!

Opacity - I have just completed this room! Check it out: https://tryhackme.com/room/opacity #tryhackme #security #oscp #opacity #penetrationtest #webapplication #owasp #opacity via @RealTryHackMe

A cyber & privacy forum Fred for security presenta il sistema per automatizzare i penetration test: Fred for security partecipa a cyber privacy forum 2023, l’evento in presenza organizzato da Ethos Media Group, con il patrocinio e il coordinamento scientifico di Federprivacy, che si terra’ il prossimo 29 novembre a Verona. Dal rapporto CLUSIT riferito al 2022: "Nello scorso anno...
#cyber&privacy2023 #Fredforsecurity #penetrationtest http://dlvr.it/Sxh5JR #News

Just released my write-up for "MonitorsTwo" from Hack The Box!

This machine covers topics relevant to ethical hacking such as Common Vulnerabilities & Exposures (CVEs), Linux privilege escalation, and pivoting.

https://affiliate.hackthebox.com/bryanmcnulty-monitorstwo

https://www.dev-crowd.com/2023/08/30/2086/
#Engineering #ExplorativesTesten #Mocking #MutationTesting #Penetrationtest #Programmierung #Projektmanagement #Python #RegressionsTest #Requests #RestAPI #Sandboxtesting #Scapy #Security #Selenium #Server #SystemTestNetzwerk #TestEngineering #Testframework #Testmanagement #Testsuites #Tools #Tools #Webdriver #ChatAI #chatbot #ChatGPT #LoadandPerformance

Check out my writeup for the medium Linux-based machine "OnlyForYou" from Hack the Box! ​

https://affiliate.hackthebox.com/bryanmcnulty-onlyforyou