Detectify

detectify

Detectify Security Updates for 12 April

Our Crowdsource ethical hacker community has been busy sending us security updates, including 0-day research. For Asset Monitoring, we now push out tests more frequently at record speed within 25 minutes from hacker to scanner. Due to confidentially agreements, we cannot publicize all security update releases here but they are immediately added to our scanner and available to all users. The following are some of the security vulnerabilities reported by Detectify Crowdsource ethical hackers.

detectify

Modern application security requires speed, scale, and collaboration

Detectify is on a mission to make the Internet safer through automation and crowdsourced hacker knowledge. We recently published “A guide to modern web application security” for SaaS and tech organizations looking to bring their security up to speed with development. Download your free copy of the guide here. Organizations are shipping code daily, making it challenging for security teams to keep track of changes in the web application and keep up with new security threats.

detectify

Detectify Security Updates for March 23

Our Crowdsource ethical hacker community has been busy sending us security updates, including 0-day research. For Asset Monitoring, we now push out tests more frequently at record speed within 25 minutes from hacker to scanner. Due to confidentially agreements, we cannot publicize all security update releases here but they are immediately added to our scanner and available to all users. The following are some of the security vulnerabilities reported by Detectify Crowdsource ethical hackers.

detectify

Detectify Security Updates for March 8

Our Crowdsource ethical hacker community has been busy sending us security updates, including 0-day research. For Asset Monitoring, we now push out tests more frequently at record speed within 25 minutes from hacker to scanner. Due to confidentially agreements, we cannot publicize all security update releases here but they are immediately added to our scanner and available to all users. The following are some of the security vulnerabilities reported by Detectify Crowdsource ethical hackers.

detectify

How to hack smarter and find critical vulnerabilities with the new fuzzing engine

There is a common tendency that the typical DAST scanner finds the easiest to locate known security vulnerabilities. If you need to find vulnerabilities that are more difficult to detect – you need the help of security experts. But what if the DAST product could behave more like an automated hacker? The Security Research team at Detectify set themselves up to solve this problem and fundamentally upgrade the way we do fuzzing in our vulnerability scanner, Deep Scan.

detectify

Detectify security updates for February 22

Our Crowdsource ethical hacker community has been busy sending us security updates, including 0-day research. For Asset Monitoring, we now push out tests more frequently at record speed within 25 minutes from hacker to scanner. Due to confidentially agreements, we cannot publicize all security update releases here but they are immediately added to our scanner and available to all users. The following are some of the security vulnerabilities reported by Detectify Crowdsource ethical hackers.

detectify

Vuln of the Month: CVE-2020-10148 SolarWinds Orion Authentication Bypass

Every week, our global community of hand-picked Detectify Crowdsource ethical hackers submit new vulnerabilities that we make available to our users as automated security tests. In the new series Vuln of the Month, we deep-dive into an especially interesting vulnerability that was added to our scanner in the past month. First up: CVE-2020-10148, SolarWinds Orion Authentication Bypass. In January, Detectify added a security test for CVE-2020-10148, SolarWinds Orion Authentication Bypass.

detectify

Security Defender Insights: Improving security visibility in the remote-work reality

This edition of Detectify Security Defenders Insights focuses on best practices on how not to lose security visibility in 2021: For many small to mid-sized tech organizations, security visibility is an increasing challenge. 2020 was the true catalyst to their tech transformation from all in-house to suddenly working from home. This meant a pressured effort to make sure security was top-of-mind especially now that everyone was literally out-of-sight.

detectify

Detectify security updates for February 8

Our Crowdsource ethical hacker community has been busy sending us security updates, including 0-day research. For Asset Monitoring, we now push out tests more frequently at record speed within 25 minutes from hacker to scanner. Due to confidentially agreements, we cannot publicize all security update releases here but they are immediately added to our scanner and available to all users. The following are some of the security vulnerabilities reported by Detectify Crowdsource ethical hackers.

detectify

Security Defender Insights: "bad actors are using intelligence and automatic tools, we need to surpass those abilities"

In this new series, Security Defender Insights, Detectify is recognizing Security Defenders in our network to bring you actionable insights and inspiration for your security strategies in 2021. We want to encourage open discussions about web security and show appreciation for hard-working security practitioners. So let’s get started with this interview with Roberto Arias Alegria, Information Security Architect at Quandoo.