Snyk prices are getting very high. Has anyone moved away from them? Which alternative did you choose?

Found this interesting list: https://list.latio.tech/

On the open source side, there is https://www.dependencytrack.org/

2
[Crosspost from !appsec] Looking for a new training/certification. People who did OSWA (Web-200 by OffSec), how was it?
  • Oh nice, wasn't aware of this, definitely looks interesting, thanks! I am an OSCP holder as well.

  • [Crosspost from !appsec] Looking for a new training/certification. People who did OSWA (Web-200 by OffSec), how was it?
    www.offsec.com WEB-200: Foundational Web Application Assessments with Kali Linux | OffSec

    Learn the foundations of web application assessments. Exploit common web vulnerabilities, learn how to exfiltrate sensitive data from target web applications, and earn your OffSec Web Assessor (OSWA) certification.

    3
    Looking for a new training/certification. People who did OSWA (Web-200 by OffSec), how was it?
    www.offsec.com WEB-200: Foundational Web Application Assessments with Kali Linux | OffSec

    Learn the foundations of web application assessments. Exploit common web vulnerabilities, learn how to exfiltrate sensitive data from target web applications, and earn your OffSec Web Assessor (OSWA) certification.

    0
    Recommended AppSec conferences in Europe?

    cross-posted from: https://infosec.pub/post/8123190

    > Hello everyone,
    >
    > I work in appsec, my manager would like to send us to a conference this year. We are based in Europe, and the company would like to across intercontinental travel.
    >
    > I have OWASP Global 2024 in Lisbon on my radar, as well as the BlackHat EU in London, is there any other conference you guys would recommend?

    0
    Recommended AppSec conferences in Europe?

    Hello everyone,

    I hope this post belongs here, otherwise I'll move it to !appsec@infosec.pub.

    I work in appsec, my manager would like to send us to a conference this year. We are based in Europe, and the company would like to across intercontinental travel.

    I have OWASP Global 2024 in Lisbon on my radar, as well as the BlackHat EU in London, is there any other conference you guys would recommend?

    0
    [tl;dr sec] #215 - Cloud Threat Landscape, Web LLM Security Labs, Azure Logs Primer
    tldrsec.com [tl;dr sec] #215 - Cloud Threat Landscape, Web LLM Security Labs, Azure Logs Primer

    A database of cloud security incidents, campaigns, and techniques, Portswigger's labs on testing LLMs in web apps, using Azure logs for detection

    0
    Signing Requests using RSA Keys
    www.zaproxy.org Signing Requests using RSA Keys

    A new script in the community-scripts repository enables the signing of outgoing requests with RSA keys, addressing the challenge of testing applications that require this functionality.

    0
    Stir Trek 2024: Call for Speakers
  • Why the downvotes? This is a call for speakers to a security conference

  • Stir Trek 2024: Call for Speakers
    sessionize.com Stir Trek 2024: Call for Speakers

    Stir Trek 2024 will take place at the AMC Easton Town Center 30 on Friday, May 3rd. We'll be at the same great location we have been for the past few ...

    1
    OWASP Foundation - 2024 Global AppSec Lisbon Call for Trainers
    owasp.submittable.com OWASP Foundation - 2024 Global AppSec Lisbon CfT

    INTRODUCTION Application Security leaders, software engineers, and researchers from all over the world gather at Global AppSec conferences to drive visibility and evolution in the safety and security of the world’s software, as well as to network, collaborate, and share the newest innovations in...

    0
    [tl;dr sec] #213 - AWS Secure Defaults, Damn Vulnerable LLM Agent, cdk-goat
    tldrsec.com [tl;dr sec] #213 - AWS Secure Defaults, Damn Vulnerable LLM Agent, cdk-goat

    Useful secure defaults + SCPs for your AWS account, a chatbot LLM ReAct agent for prompt injection practice, vulnerable by design AWS Cloud Development Kit infrastructure

    0
    Trustwave Transfers ModSecurity Custodianship to OWASP | OWASP Foundation
    owasp.org Trustwave Transfers ModSecurity Custodianship to OWASP | OWASP Foundation

    Trustwave Transfers ModSecurity Custodianship to OWASP on the main website for The OWASP Foundation. OWASP is a nonprofit foundation that works to improve the security of software.

    0
    Removed
    Black Hat USA 2023 slides
  • Nice resources

  • OWASP Top 10 for LLMs (v1.0)
  • Thank you!

  • Feedback open until 31 of August for CVSS 4.0
  • That's kind of legacy debt at some point. I understand why they still want to move towards evolving the standard

  • New OpenSSH Vulnerability Exposes Linux Systems to Remote Command Injection
    thehackernews.com New OpenSSH Vulnerability Exposes Linux Systems to Remote Command Injection

    A recently patched flaw in OpenSSH (CVE-2023-38408) could allow remote attackers to run arbitrary commands on vulnerable hosts.

    1
    Norway government ministries hit by cyber attack
    www.reuters.com Norway government ministries hit by cyber attack

    Twelve Norwegian government ministries have been hit by a cyber attack, the Norwegian government said on Monday, the latest attack to hit the public sector of Europe's largest gas supplier and NATO's northernmost member.


    cross-posted from: https://lemmy.capebreton.social/post/82259

    > OSLO, July 24 (Reuters) - Twelve Norwegian government ministries have been hit by a cyber attack, the Norwegian government said on Monday, the latest attack to hit the public sector of Europe's largest gas supplier and NATO's northernmost member.
    >
    > "We identified a weakness in the platform of one of our suppliers. That weakness has now been shut," Erik Hope, head of the government agency in charge of providing services to ministries, told a news conference.
    >
    > The attack was identified due to "unusual" traffic on the supplier's platform, Hope said, declining to provide specifics. It was uncovered on July 12 and was being investigated by police.
    >
    > "It is too early to say who is back this and what is the extent of the impact (of the attack)," he said.

    0
    Security News @infosec.pub N7x @infosec.pub
    Kevin Mitnick Obituary - Las Vegas, NV
    www.dignitymemorial.com Kevin Mitnick Obituary - Las Vegas, NV

    Celebrate the life of Kevin Mitnick, leave a kind word or memory and get funeral service information care of King David Memorial Chapel & Cemetery.


    RIP

    0
    Training Tuesday - Discussions for certs, training and learning-at-home
  • Finally done with my 120 CPEs for my CISSP. That was a long ride, happy to be done with it

  • N7x N7x @infosec.pub
    Posts 36
    Comments 10