Blog

  • Let’s take a look at my big takeaways from this year’s event and what I’ve learned. Beyond great briefings and learning from those around me, events like Black Hat are also a great opportunity to make and develop connections. We had countless members of the security community stop by our booth for a selfie and some swag, we attended countless social events and even hosted our own!
  • Black Hat USA 2023 is less than a week away and we have some tips and tricks to help you get ready and to make the most out of your visit! Over the years, many things change at Black Hat, but there are some things that will always stay the same.
  • 250,000 scans was a  big deal for me back then, and it's pretty wild to think that we've added another three zeros since, but I had no idea this was only the beginning! As the months and years ticked by, we continued to cross through some incredible milestones. As each one came and rolled by, I still couldn't believe just how popular the site was becoming, and the site seemed to be growing in popularity at a relentless pace.
  • How can you significantly enhance the efficiency and effectiveness of your security program in a complex IT Environment without a major investment in new products or processes?  You may want to consider shifting your security-focused activities to an earlier stage in the development and deployment cycle.  Removing your historical security silos and refocusing them on a synergistic approach can provide a relatively quick and cost-effective way to make the kind of risk mitigation impact you, as a security professional, are seeking.
  • As part of our mission to make security available for everyone in the community, Probely is proud to announce that we are joining forces with Security Headers. Security Headers is a wildly popular tool with the security community having launched almost 250M Security Headers scans to date. This collaboration will allow users of Security Headers to benefit from our shared commitment to keeping security testing open and accessible.
  • The entire team is abruptly woken up by the deafening screech of the fire alarm. Everyone is suddenly snapped awake and confused in a state of panic. Even though this wasn't a premeditated event, it was a good lesson for the team on the impact of false positives. At Probely, we thrive at having one of the best false-positive rates in the market, and incidents like this help pass the message to the other team members.
  • This year’s RSA Conference was full of the latest and most excellent tools and tips for improving information security in the enterprise. I specifically sought out topics related to application security, and the sessions didn’t disappoint. It was nice to hear about emerging tools and the importance of not ignoring the basics. The latter is something that I have been evangelizing for decades, and it’s good to see that it’s finally getting traction, especially in the application security space.
  • Web API endpoints have a relatively small footprint compared to the overall web application environment. Still, they provide an entry point into critical parts of the application that can let attackers interact and manipulate things for ill-gotten gains. Some API exploits can facilitate attacks against users. Others can lead to full compromise of the web environment.