Blog

by mathildeexlm

How to report a security issue in a standardized manner with Security.txt

The sushi syntax is incorrect

Our story begins on a Friday evening. An InfoSec guy places an order at an online sushi shop to take a romantic break with his sweetheart. He selects dishes and clicks on the “Checkout” button. However, instead of receiving the expected checkout page, he gets an SQL error page:

“You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near “Sushi”.”


by mathildeexlm

Move to an efficient Vulnerability Management with a risk-based approach

Market Observations

Market observations show that more than two-thirds of companies around the world anticipate either a decrease or no change in their IT budget in the “Covid-19 recovering phase”. Meanwhile, about 80% declare that they do not adjust their budget according to the business impact (source: Gartner). As the market continues to lack skilled cybersecurity staff to meet the growing demand, organizations are forced to do “more with less”.


by mathildeexlm

How to test your defence in-depth with the Assume Breach approach

For the past two years, we have observed a growing number of requests from companies for realistic tests based on breach and crisis simulations. Indeed, the classic model shows its limits when an application or a network has been tested many times. One can be fairly sure that the first line is secured, yet remain completely blind to what could happen next if it is not.

