Please turn on your JavaScript for this page to function normally.

OWASP

API
Is the new OWASP API Top 10 helpful to defenders?

The OWASP Foundation’s Top Ten lists have helped defenders focus their efforts with respect to specific technologies and the OWASP API (Application Programming Interface) …

open-source OSINT tools
8 open-source OSINT tools you should try

Open-Source Intelligence (OSINT) refers to gathering, assessing, and interpreting public information to address specific intelligence queries. All the tools listed here are …

open-source recon tools
10 open-source recon tools worth your time

Recon is the initial stage in the penetration testing process. It’s a vital phase allowing the tester to understand their target and strategize their moves. Here are ten …

RSAC2023 entrance
Photos: RSA Conference 2023

RSA Conference 2023 is taking place at the Moscone Center in San Francisco. Check out our microsite for the conference for all the most important news. Here are a few photos …

Handshake
42Crunch joins OWASP as a corporate member to advance API security

42Crunch has become corporate member of the Open Web Application Security Project (OWASP), a worldwide not-for-profit charitable organization focused on improving the security …

vulnerability assessment tools
5 open-source vulnerability assessment tools to try out

A vulnerability assessment is a methodical examination of network infrastructure, computer systems, and software with the goal of identifying and addressing known security …

Black Hat USA 2022
Black Hat USA 2022 video walkthrough

In this Help Net Security video, we take you inside Black Hat USA 2022 at the Mandalay Bay Convention Center in Las Vegas. The video features the following vendors: Abnormal …

Terminal
API security warrants its own specific solution

Application programming interfaces (APIs) enable developers to quickly and easily roll-out services but they’re also equally attractive to attackers. This is because they can …

application security testing
GoTestWAF: Open-source project for evaluating web application security solutions

GoTestWAF is a tool for API and OWASP attack simulation that supports a wide range of API protocols including REST, GraphQL, gRPC, WebSockets, SOAP, XMLRPC, etc. It was …

HITB training
What is wrong with developer security training?

“Turn a developer into a hacker” is a commonly heard call. There are many online courses and trainings that ostensibly teach developers how to write code that’s …

skull binary
API attacks are both underdetected and underreported

Akamai released a research into the evolving threat landscape for application programming interfaces (APIs), which according to Gartner will be the most frequent online attack …

IriusRisk Community Edition offers free threat knowledge base for developers

IriusRisk has expanded the free Community Edition of its platform to include its entire threat and countermeasure knowledge base. Engineering teams using the Community Edition …

Featured news

Sponsored

Don't miss

Cybersecurity news