Black Hat USA 2022 video walkthrough
In this Help Net Security video, we take you inside Black Hat USA 2022 at the Mandalay Bay Convention Center in Las Vegas. The video features the following vendors: Abnormal …
AWSGoat: Easy to deploy vulnerable AWS infrastructure for pentesters
Compromising an organization’s cloud infrastructure is like sitting on a gold mine for attackers. And sometimes, a simple misconfiguration or a vulnerability in web …
Stratus Red Team: Open-source tool for adversary emulation in the cloud
In this Help Net Security video, Christophe Tafani-Dereeper, Cloud Security Researcher and Advocate at DataDog, talks about Stratus Red Team, an open-source project for …
Detectree: Open-source tool simplifies data analysis for blue teams, reduces alert fatigue
Many companies struggle to understand malicious activity and its effects while a security incident is in progress. It eats up time and resources that defenders need to contain …
Hijacking of popular ctx and phpass packages reveals open source security gaps
The Python module “ctx” and a fork of the PHP library “phpass” have recently been modified by an unknown attacker to grab AWS credentials/keys and send …
Solving the problem of secrets sprawling in corporate codebases
GitGuardian announced the results of its report which extends its previous edition focused on public GitHub by depicting a realistic view of the state of secrets sprawl in …
Contrast Security partners with GitHub to deliver pipeline-native security to developers
Contrast Security announced its partnership with GitHub and the availability of its suite of GitHub Actions, simplifying the process for developers to ensure the code they …
GoTestWAF: Open-source project for evaluating web application security solutions
GoTestWAF is a tool for API and OWASP attack simulation that supports a wide range of API protocols including REST, GraphQL, gRPC, WebSockets, SOAP, XMLRPC, etc. It was …
CasaOS: Open-source home cloud based on the Docker ecosystem
For parents and families, the thought of someone gaining access to sensitive information can be nothing short of a nightmare. However, one group of developers are on a mission …
XMGoat: Open-source pentesting tool for Azure
XMGoat is an open-source tool that enables penetration testers, red teamers, security consultants, and cloud experts to learn how to abuse different misconfigurations within …
Kafdrop flaw allows data from Kafka clusters to be exposed Internet-wide
Researchers at Spectral discovered a security flaw in Kafdrop, a popular open-source UI and management interface for Apache Kafka clusters that has been downloaded more than …
Acra: Open-source database protection with field-level encryption and intrusion detection
Cossack Labs updated its flagship open-source product Acra database security suite to version 0.90.0 and made many of its core security features previously available only for …
Featured news
Sponsored
Don't miss
- Most people still rely on memory or pen and paper for password management
- What AI can tell organizations about their M&A risk
- Breaking down the numbers: Cybersecurity funding activity recap
- Applying DevSecOps principles to machine learning workloads
- Overcoming GenAI challenges in healthcare cybersecurity