Posts with this tag address the activity of malicious or ethical hackers to identify weaknesses, breach defenses and exploit vulnerabilities in systems.

Photo by Saketh Upadhya on Unsplash

February 1, 2023

Felipe Ruiz

Get an overview of vulnerability assessment

Learn what vulnerability assessment is, why this IT systems evaluation process is important, what types exist, and how it relates to vulnerability management.

Photo by Thomas Griggs on Unsplash

January 17, 2023

Jason Chavarría

Pentesting is a system-agnostic approach to security

The types of penetration testing include external and internal network, wireless, IoT, mobile application and social engineering pentesting. Learn more here.

Photo by sebastiaan stam on Unsplash

January 12, 2023

Carlos Bello

Injecting JS into one site is harmful, into all, lethal

In this blog post, we present in detail a vulnerability we discovered in Rushbet v2022.23.1-b490616d, along with the steps to follow to replicate the exploit.

Photo by Jeff Lemond on Unsplash

December 19, 2022

Jason Chavarría

How BAS solutions work, their importance and benefits

Learn about what breach and attack simulation is, how it works, why we need it for security testing and its benefits for defending against advanced threats.

Photo by Nahel Abdul Hadi on Unsplash

November 23, 2022

Carlos Bello

So it's the app itself that delivers the cookie to me?

In this blog post, I present in detail a zero-day vulnerability I discovered in KAYAK v161.1, along with the steps to follow to replicate the exploit.

Photo by Alexander Nikitenko on Unsplash

November 16, 2022

Felipe Ruiz

We adhere to the attack resistance management concept

This blog post explains the "attack surface management" and "attack resistance management" concepts and our transition from one to the other.

Photo by Erwan Hesry on Unsplash

November 4, 2022

Felipe Ruiz

Threat landscape and preventive measures for next year

Thanks to this blog post, you will get an idea of possible threats and preventive measures that will take place in the cybersecurity context in 2023.

Photo by ian dooley on Unsplash

October 20, 2022

Felipe Ruiz

How it works and how it differs from the "automated"

This blog post explains what manual penetration testing is, how it works to discover vulnerabilities, and its difference from so-called "automated pentesting."

Photo by Daniel Cooke on Unsplash

October 7, 2022

Felipe Ruiz

Many are waiting to be attacked by criminals to react

After reading this blog post, you will understand what a red team in cybersecurity is, how red teaming works and what benefits it can bring to your company.

Start your 21-day free trial

Discover benefits of our Continuous Hacking solution, which hundreds of organizations are already enjoying.

Start your 21-day free trial