software
The power of passive OS fingerprinting for accurate IoT device identification
The number of IoT devices in enterprise networks and across the internet is projected to reach 29 billion by the year 2030. This exponential growth has inadvertently increased …
What does optimal software security analysis look like?
In this Help Net Security interview, Kevin Valk, co-CEO at Codean, discusses the consequences of relying solely on automated tools for software security. He explains how these …
A closer look at the RFI on open-source software security
The U.S. Office of the National Cyber Director (ONCD) released a request for information (RFI) entitled Open-Source Software Security: Areas of Long-Term Focus and …
Does a secure coding training platform really work?
As security vulnerabilities are reported to you time and again, you may ask yourself: “Why don’t these developers learn the lesson?” The next thing you may think is: “We …
Security Onion 2.4: Free, open platform for defenders gets huge update
Security Onion is a free and open platform for threat hunting, enterprise security monitoring, and log management. It has been downloaded over 2 million times and is being …
8 open-source OSINT tools you should try
Open-Source Intelligence (OSINT) refers to gathering, assessing, and interpreting public information to address specific intelligence queries. All the tools listed here are …
Findlargedir: Find all “blackhole” directories with a huge amount of filesystem entries
Findlargedir is a tool written to help quickly identify “black hole” directories on any filesystem having more than 100k entries in a single flat structure. When a …
Product showcase: Free email security test by ImmuniWeb Community Edition
According to an FBI report, in 2022, global losses from business email compromise (BEC) and email account compromise (EAC) attacks attained $43 billion, hitting a historic …
White House launches AI Cyber Challenge to make software more secure
The Biden-Harris Administration has launched a major two-year competition using AI to protect the United States’ most important software, such as code that helps run the …
Assess multi-cloud security with the open-source CNAPPgoat project
Ermetic released CNAPPgoat, an open-source project that allows organizations to test their cloud security skills, processes, tools, and posture in interactive sandbox …
Open-source penetration testing tool BloodHound CE released
SpecterOps released version 5.0 of BloodHound Community Edition (CE), a free and open-source penetration testing solution that maps attack paths in Microsoft Active Directory …
UAC: Live response collection script for incident response
Unix-like Artifacts Collector (UAC) is a live response collection script for incident response that makes use of native binaries and tools to automate the collection of AIX, …
Featured news
Resources
Don't miss
- Cryptomixer crypto laundering service taken down by law enforcement
- Treating MCP like an API creates security blind spots
- Offensive cyber power is spreading fast and changing global security
- Enterprise password audits made practical for busy security teams
- What zero trust looks like when you build it step by step