software

The pitfalls of neglecting security ownership at the design stage
For companies to avoid bleeding millions through cyber threats, they must build adaptability into their security strategy from the start while considering a range of inputs …

Network Flight Simulator: Open-source adversary simulation tool
Network Flight Simulator is a lightweight utility that generates malicious network traffic and helps security teams evaluate security controls and network visibility. The tool …

5 free vulnerability scanners you should check out
Vulnerability scanners delve into systems to uncover security gaps. The primary mission? To fortify organizations against breaches and shield sensitive data from exposure. …

BinDiff: Open-source comparison tool for binary files
BinDiff is a binary file comparison tool to find differences and similarities in disassembled code quickly. It was made open source today. With BinDiff, you can identify and …

Hands-on threat simulations: Empower cybersecurity teams to confidently combat threats
Security processes are increasingly automated, which has led some businesses to deprioritize developing their security teams’ defense skills. While antivirus and non-human …

What AppSec and developers working in cloud-native environments need to know
All enterprise organizations are, in essence, software publishers, regardless of their industry. This is because every enterprise relies on custom software applications for …

Securing OTA with Harman International’s Michal Geva
The once far-off vision of remotely updating software without needing to bring it into a service center was initially designed for bug fixes and cybersecurity updates. Today, …

The rise and evolution of supply chain attacks
A supply chain attack is a cyberattack that focuses on a third-party supplier providing essential services or software to the supply chain. In this Help Net Security video, …

Shifting left and right, innovating product security
In this Help Net Security interview, Slava Bronfman, CEO at Cybellum, discusses approaches for achieving product security throughout a device’s entire lifecycle, …

Reaper: Open-source reconnaissance and attack proxy workflow automation
Reaper is an open-source reconnaissance and attack proxy, built to be a modern, lightweight, and efficient equivalent to Burp Suite/ZAP. It focuses on automation, …

Trojanized Signal, Telegram apps found on Google Play, Samsung Galaxy Store
ESET researchers have identified two active campaigns targeting Android users, where the threat actors behind the tools for Telegram and Signal are attributed to the …

The power of passive OS fingerprinting for accurate IoT device identification
The number of IoT devices in enterprise networks and across the internet is projected to reach 29 billion by the year 2030. This exponential growth has inadvertently increased …