Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source – subscribe here!

Please turn on your JavaScript for this page to function normally.
brain
Counterfit: Open-source tool for testing the security of AI systems

After developing a tool for testing the security of its own AI systems and assessing them for vulnerabilities, Microsoft has decided to open-source it to help organizations …

mind map
MindAPI makes API security research and testing easier

Security researcher David Sopas has published a new open-source project: MindAPI, a mind map with resources for making API security research easier. “I love mind maps. …

Pentest Robots
Product showcase: Pentest Robots

Security testing automation is not about building tech to replace humans. We don’t adhere to that limiting view because it fails to capture the complexity and depth of …

tools
Addressing the lack of knowledge around pen testing

The vast majority of attackers are opportunist criminals looking for easy targets to maximize their profits. If defenses are sufficiently fortified, finding a way through will …

shield
Application security: Getting it right, from the start

Security testing data is “the unsung hero” of securing application development. It’s the backbone of application development quality, compliance and risk management, and rests …

tools
SecOps teams face challenges in understanding how security tools work

Security professionals are overconfident in their tools with 50% reporting that they have experienced a security breach because one or more of their security products was not …

tools
The rise of continuous crowdsourced security testing for compliance

A large percentage of organizations and institutions are moving toward a rigorous, continuous testing model to ensure compliance, a Synack report reveals. As part of this …

CrackQ
CrackQ: Efficient password cracking for pentesters and red teamers

CrackQ employs automation to make password cracking a faster and more efficient undertaking for pentesters and red teamers. CrackQ dashboard “Regular security testing is …

collaboration
Most IT pros find red team exercises more effective than blue team testing

More than one-third of security professionals’ defensive blue teams fail to catch offensive red teams, a study from Exabeam reveals. The survey, conducted at Black Hat USA …

magnifying glass
Organizations that scan applications in production have a reduced risk of being breached

Despite a significantly increased focus on application security testing, remediation rates for vulnerabilities continue to shrink, according to WhiteHat Security. Setu …

Microsoft Attack Surface Analyzer
Microsoft’s Attack Surface Analyzer now works on Macs and Linux, too

Microsoft has rewritten and open-sourced Attack Surface Analyzer (ASA), a security tool that points out potentially risky system changes introduced by the installation of new …

Google Chrome
Should you trust that Chrome extension? Use CRXcavator to decide

Duo Security has released CRXcavator, a tool that can help end users and enterprises make an informed decision about installing a specific Chrome extension. About CRXcavator …

Don't miss

Cybersecurity news