SecurityOnline: noir v0.5.1 releases: attack surface detector from source code https://securityonline.info/noir-attack-surface-detector-from-source-code/ #WebVulnerabilityAnalysis #VulnerabilityAnalysis #attacksurface

SecurityOnline: noir: attack surface detector from source code https://securityonline.info/noir-attack-surface-detector-from-source-code/ #WebVulnerabilityAnalysis #VulnerabilityAnalysis #attacksurface

Reminder: Every "free" web account that you create is an attack vector, an addition to your attack surface. Every additional set of login credentials that has anything to do with "you", every working email address you provide: each one of these is a digital point of weakness that you have voluntarily provided to your enemies and predators. Make sure each new one is worth it.
#CyberSecurity #credentials #CyberAttack #OnlineSafety #AttackVector #AttackSurface

Our open, extensible architecture provides better visibility across your entire #attacksurface by integrating threat information from your existing and future security investments.

Learn more about the power of Taegis XDR: https://www.secureworks.com/products/taegis/xdr #XDR #Secureworks

How to find endpoints susceptible to possible IDOR vulnerabilities 👇🔎

#recon #AttackSurface #idor #bugbountytips #bugbounty

Mastering Subdomain Enumeration 🎯

🔗 https://medium.com/@H0tak88r/mastering-subdomain-enumeration-6c84571b07b

#BugBounty #recon #AttackSurface

It's time to start really thinking hard about how to #ProtectAI and ourselves from #AI. Finally, someone is starting the conversation about identifying the #AttackSurface. We need to build upon this as the weeks/months carry on with #LLM like #ChatGPT: https://danielmiessler.com/blog/the-ai-attack-surface-map-v1-0/?mc_cid=e624e51c73&mc_eid=f3b7f7e36f

@deepthoughts10 @GossiTheDog I think #attackSurface reduction is not well understood by many non #security folks as well as security folks.

You don’t have to fix so often what is not exposed
Try to be lazy and don’t expose it right from the start

I'm very happy to announce that I'll be a trainer at the upcoming Hack Space Con (https://www.hackspacecon.com) being held at the @NASA Kennedy Space Center on April 14th. Hope to see you there!

#infosec #networksecurity #osint #dns #recon @amass #attacksurface #redteam #bugbounty

https://www.hackspacecon.com/free-training-workshops

RT @jeff_foley
I'm very happy to announce that I'll be a trainer at the upcoming @HackSpaceCon being held at the @NASAKennedy Space Center on April 14th. Hope to see you there!

#infosec #networksecurity #osint #dns #recon @owaspamass #attacksurface #redteam #bugbounty

https://www.hackspacecon.com/free-training-workshops

Thank you for playing - these are all parts of an #attacksurface (and all results were correct!)

Quiz time again! ⌚ Vote below ⬇

Continuous attack surface management tracks which of the following parts of an organization's digital footprint?

#attacksurface #attacksurfacemanagement

The modern #SaaS #attacksurface, by the numbers #security #infosec

https://www.nudgesecurity.com/post/the-saas-attack-surface-by-the-numbers

The modern #SaaS #attacksurface, by the numbers #security #infosec

https://www.nudgesecurity.com/post/the-saas-attack-surface-by-the-numbers

Are you attending tomorrow’s Attack Surface Management Summit? Not only are we a sponsor, we have two sessions: “What Our 2022 Data Reveals About the Most Pressing #Exposures on Your #AttackSurface” and “Why All Roads Lead Back to the #Cloud – and Why It’s So Easily Compromised” by Wes Hutcherson and Nate Robb.

Reserve your spot today! https://bfx.social/3Z8bTWA

New post, "External Attack Surface Management and its Integration with Cybersecurity Operations

https://unveiledsecurity.com/2023/02/10/external-attack-surface-management-and-its-integration-with-cybersecurity-operations/

#Cybersecurity #CyberThreatIntelligence #VulnerabilityManagement #AttackSurface

Excited to announce our sponsorship of the 2023 Attack Surface Management Summit! Join us and other leaders in the #security industry as we discuss the latest trends and strategies in securing the modern #attacksurface.

Tune in to our sessions as well featuring Wes Hutcherson and Nate Robb, “What Our 2022 Data Reveals About the Most Pressing #Exposures on Your Attack Surface” and “Why All Roads Lead Back to the #Cloud – and Why It’s So Easily Compromised.” Register for this summit here: https://bfx.social/3XbbvFy

Calling all #pentest, #redteam, and #bugbounty professionals in #bengaluru, #india. I'll soon be #hiring an experienced technical lead for my #attacksurface operations team at @zerofox. The person selected for the role will report to me and manage the day-to-day tasking of that team. Also, this person could eventually be promoted to my #research team. Please contact me if you're interested in discussing the opportunity and you're not a recruiter.

#osint #recon #reconnaissance #securiy #infosec #golang #attacksurfacemgmt #automation #scalability #cloudinfrastructure #hiringnow #talentacquisition

#cybersecurity vulnerability detection tools are all very similar.
They find stuff which may or may not be real.
Then the work starts…

Assessment coverage assurance
Validation/Triage
Risk assessment
Prioritisation
Assignment
Tracking
Remedy
Retest
Schedule/Repeatability

Pitfalls:

+Manual Logic testing - automated scanning won’t find the juicy vulnerabilities.

+Layers of coverage - cloud, mobile, webapp, API, network, host.

#vulnerability #attacksurface #pentesting

It was great being on The Hacker Factory #podcast since it’s always a pleasure discussing #infosec with @phil!

We covered a bit about how I learned to automate tasks early in my #career while working as a network administrator, and how this skill proved even more useful as I shifted my occupation towards #cybersecurity

#security #networksecurity #careertips #attacksurface #programming #automation

https://thehackerfactory.simplecast.com/episodes/a-conversation-with-owasp-amass-creator-jeff-foley-the-hacker-factory-podcast-with-phillip-wylie-ZeDvvk7j