As part of our mission to make security available for everyone in the community, Probely is proud to announce that we are joining forces with Security Headers. Security Headers is a wildly popular tool with the security community having launched almost 250M Security Headers scans to date. This collaboration will allow users of Security Headers to benefit from our shared commitment to keeping security testing open and accessible.
The entire team is abruptly woken up by the deafening screech of the fire alarm. Everyone is suddenly snapped awake and confused in a state of panic. Even though this wasn't a premeditated event, it was a good lesson for the team on the impact of false positives. At Probely, we thrive at having one of the best false-positive rates in the market, and incidents like this help pass the message to the other team members.
This year was a remarkable experience for us at Appsec Village, and one that we learned a lot: from the level of knowledge of our participants, about how our game ran, and how to make it more efficient for next time. “The Ultimate Appsec Challenge'' was a fun and interactive way to test your Appsec knowledge while racing against the clock.
This year’s RSA Conference was full of the latest and most excellent tools and tips for improving information security in the enterprise. I specifically sought out topics related to application security, and the sessions didn’t disappoint. It was nice to hear about emerging tools and the importance of not ignoring the basics. The latter is something that I have been evangelizing for decades, and it’s good to see that it’s finally getting traction, especially in the application security space.
Web API endpoints have a relatively small footprint compared to the overall web application environment. Still, they provide an entry point into critical parts of the application that can let attackers interact and manipulate things for ill-gotten gains. Some API exploits can facilitate attacks against users. Others can lead to full compromise of the web environment.
The Open Web Application Security Project (OWASP) Top 10 is a consensus list of the top web application security concerns, guiding testers and developers. The 2021 version includes new categories and relabelled items, providing a great resource for application security and audit/compliance. Leverage the OWASP Top 10 to spread awareness and make sure you don't miss out on anything.
This blog post defines GDPR Compliance for web application and API security, lists its potential technical and business impacts for the critical risks, explains how the Probely scanner can help with GDPR compliance and provides examples of what you can do right now to get started.
SAST has its place, DAST is great at finding the majority of flaws that the bad guys are going to uncover, and IAST offers unique approaches to complex situations. At a minimum, DAST should be your main focus. Step back and consider your application environment, your internal resources and expertise, as well as your budget.
As a Small Business owner, your security is probably not at the top of your to-do list. Even though we constantly see headlines of big breaches and corporations being targets of sophisticated attacks, small businesses that suffer from web-based attacks aren’t really prominent in the media. This might have you fall in a false sense of security.
The Probely team will, again, organize the security capture the flag (CTF) competitions on this edition of Pixels Camp. The CTF will take place at Pixels Camp, a 3 day non-stop tech event with talks, workshops and a 48 hour programming competition, held in Lisbon, Portugal, which had over 1000 attendees last year. Pixels Camp is organized by Bright Pixel, one of our investors.
This website uses cookies to provide you the best experience. For more information, read our Privacy Policy.