scanning Archives - Help Net Security

scanning

Industrial facilities progressively at risk of data theft and ransomware attacks

July 1, 2021

Trend Micro released a new report highlighting the growing risk of downtime and sensitive data theft from ransomware attacks aimed at industrial facilities. “Industrial …

The basics of security code review

May 19, 2021

With staffing ratios often more than 200 developers for every AppSec professional, scaling security requires increasing the developer’s engagement in securing the product. To …

Is it OK to publish PoC exploits for vulnerabilities and patches?

May 5, 2021

In the wake of the Microsoft Exchange ProxyLogon zero-day and F5 BIG-IP security exploits earlier this year, many are questioning if and when should researchers publish proof …

Kubestriker: A security auditing tool for Kubernetes clusters

May 4, 2021

Kubestriker is an open-source, platform-agnostic tool for identifying security misconfigurations in Kubernetes clusters. It performs a variety of checks on a range of services …

Consumers embracing biometrics to protect their information

April 26, 2021

Consumers across the U.S. and Canada have embraced digital banking and biometric identity proofing during the COVID-19 pandemic, a FICO study has found. The study found that …

Product showcase: Accurics

April 20, 2021

It is no big secret that infrastructure has changed over the last decade. We went from tools such as autossh, to configuration management, and ended up with Infrastructure as …

When it comes to vulnerability triage, ditch CVSS and prioritize exploitability

February 10, 2021

When it comes to software security, one of the biggest challenges facing developers today is information overload. Thanks in part to the widespread proliferation and use of …

Vulnerability management isn’t working for cloud security: Here’s how to do it right

January 18, 2021

Three things in life are seemingly guaranteed: death, taxes and high-profile cloud security breaches. But there is no reason why public cloud or hybrid cloud breaches must …

Addressing the lack of knowledge around pen testing

January 12, 2021

The vast majority of attackers are opportunist criminals looking for easy targets to maximize their profits. If defenses are sufficiently fortified, finding a way through will …

Most companies have high-risk vulnerabilities on their network perimeter

October 29, 2020

Positive Technologies performed instrumental scanning of the network perimeter of selected corporate information systems. A total of 3,514 hosts were scanned, including …

Theory and practice of web application security efforts in organizations worldwide

October 15, 2020

75% of executives believe their organization scans all web applications for security vulnerabilities, while nearly 50% of security staff say they don’t, a Netsparker …

GitHub envisions a world with fewer software vulnerabilities

October 13, 2020

After five months in beta, the GitHub Code Scanning security feature has been made generally available to all users: for free for public repositories, as a paid option for …