Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source projects, breaking news – subscribe here!

Please turn on your JavaScript for this page to function normally.
Black Hat USA 2022
Black Hat USA 2022 video walkthrough

In this Help Net Security video, we take you inside Black Hat USA 2022 at the Mandalay Bay Convention Center in Las Vegas. The video features the following vendors: Abnormal …

Terminal
API security warrants its own specific solution

Application programming interfaces (APIs) enable developers to quickly and easily roll-out services but they’re also equally attractive to attackers. This is because they can …

application security testing
GoTestWAF: Open-source project for evaluating web application security solutions

GoTestWAF is a tool for API and OWASP attack simulation that supports a wide range of API protocols including REST, GraphQL, gRPC, WebSockets, SOAP, XMLRPC, etc. It was …

HITB training
What is wrong with developer security training?

“Turn a developer into a hacker” is a commonly heard call. There are many online courses and trainings that ostensibly teach developers how to write code that’s …

skull binary
API attacks are both underdetected and underreported

Akamai released a research into the evolving threat landscape for application programming interfaces (APIs), which according to Gartner will be the most frequent online attack …

IriusRisk Community Edition offers free threat knowledge base for developers

IriusRisk has expanded the free Community Edition of its platform to include its entire threat and countermeasure knowledge base. Engineering teams using the Community Edition …

Approov offers free pinning generator tool to protect against automated attacks on APIs

Approov introduced the Mobile Certificate Pinning Generator, a free tool to help mobile-first companies make Man-in-the-Middle (MitM) attacks targeting mobile app APIs a thing …

OWASP Top 10
OWASP Top 10 2021: The most serious web application security risks

The definitive OWASP Top 10 2021 list is out, and it shows that broken access control is currently the most serious web application security risk. How is the list compiled? …

Tanya Janca
Sharing knowledge and moving towards securing all the things!

Originally a software developer (for 17 years), Tanya Janca, CEO of We Hack Purple, switched to security seven years ago. She founded the company to share as much knowledge as …

ShiftLeft Educate provides consistent and contextual training for developers of different skill levels

ShiftLeft announced general availability of ShiftLeft Educate, a solution that delivers highly-effective security training for developers within the developer workflow. …

Hand
Why XSS is still an XXL issue in 2021

Cross-site scripting (XSS) attacks take advantage of coding flaws in the way websites or web applications generate input from users. Despite their longstanding reputation as a …

ShiftLeft allows users to validate the accuracy of ShiftLeft CORE using OWASP Benchmark

ShiftLeft has released a tool enabling businesses to independently benchmark and validate the accuracy of ShiftLeft CORE using the Open Web Application Security Project …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released for important security events and breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools