Security operation centers are becoming more and more important in the life of a company. As security experts said once, there are two types of companies, those who have been hacked and those who don’t know yet they get hacked. Building a SOC is based on 3 main pillars, which ...
If you are thinking about building a SOC then the first question you may get into your head is this, what are the components of a security operation center? A security operation center has three main components: People Process Technology If you are interested in knowing more about this component ...
Building a SOC is a great experience either for the people who will work on it or for the company that will adopt it. With the increase of network complexity and attack sophistication, getting hacked is becoming just a question of time. Preventing security breaches is not more the right ...
Python is one of the rising development technologies in the market. Many software development companies start using it for developing web applications. Like any software development technology, Python may also have multiple security issues that can hurt websites and be the cause of a security breach. In this blog post, ...
Web servers are becoming more and more the first target for attacks. This focus comes from the fact that web servers are the most exposed servers in any company network. In addition, taking control over the webserver could be the first access point to the local network of the victim. ...
One of the most common questions that I get from my students when I do my penetration test course is what is the most common web security vulnerability? After years of experience in penetration testing, I had a conviction that this question has a different response depending on the period ...
Web application technology is one of the most popular and rising types of software used by companies in their daily business life. In addition, it is the most exposed surface for the public. In the last decade, most people have started noticing an increase in security threats affecting this technology, ...
Every time I do a course about penetration testing or secure coding, the most common question I get from my student is for example, Does SQL injection still work 2021? SQL injection still works in 2021 and it will probably still working at least for the next 5 years. In ...
One of the most confusing systems in the DevSecOps methodology is Dynamic application security testing (DAST). Many people I’ve met think are basically confused between DAST penetration testing and either a DAST tool can be part of the DevSecOps or not. Therefore, in this blog post, I am going to ...
In the last few years, I have worked with some companies in the market to implement security in their DevOps system, and it was really a good experience that let me understand what really works and what doesn’t in a DevSecOps environment. Here is a table that summaries the pros ...
Undoubtedly, ChatGPT stands out as one of the most remarkable inventions of 2021. Its wide-ranging capabilities and applications have opened up endless possibilities for human interaction and problem-solving. Furthermore, certain users have begun employing ChatGPT for the actual execution of smart contract audits. However, can ChatGPT audit a smart contract? [...]
