Greg Balnis on Cybersecurity
cybersecurity.balnis.eu
#cybersecurity #appsec #privacy #dataprotection
What's wrong with these 3rd party scripts? Something to share with our marketing colleagues, maybe they'll finally get it... 😡
#appsec #asvs10.3.2 #asvs14.2.3
open.spotify.com/episode/111q...
SE Radio 642: Simon Wijckmans on Third-Party Browser Script Security
Software Engineering Radio - the podcast for professional software developers · Episode
December 17, 2024 at 4:25 PM
Reposted by Greg Balnis on Cybersecurity
OWASP Members change the world. Your membership helps shape the organization and drives our projects and community. If you are not a member or are due for renewal within 60 days, please join or renew today and get 10-25% off!

owasp.org/membership > Memberships > Apply
December 12, 2024 at 7:34 PM
Reposted by Greg Balnis on Cybersecurity
oh hey that thing we said was a bad idea is a bad idea
Microsoft Recall screenshots credit cards and Social Security numbers, even with the "sensitive information" filter enabled
Despite promising to filter personal data out, Recall still captures it.
www.tomshardware.com
December 13, 2024 at 1:51 AM
»"AppSec exhaustion" phenomenon, evidenced by declining engagement in security measures and widespread failure to meet vulnerability management goals, suggests that current approaches to security may be unsustainable.«
#AppSec #Cybersecurity #SupplyChainSecurity
snyk.io/lp/state-of-...
2024 State of Open Source Security Report | Snyk
Snyk’s annual SoOSS report reveals trends in the software industry’s approach to securing open source software (OSS).
December 12, 2024 at 5:14 AM
Reposted by Greg Balnis on Cybersecurity
Protip: When a security researcher is giving a talk and they say "However..." or "Unfortunately...", sit up and pay attention, because things are about to get real. #blackhatEU
December 11, 2024 at 10:29 AM
Absolutely a must-read, unpacking artificial intelligence and breaking it down into what works, what may work and what is total BS.
#ArtificialIntelligence #AIHype #AIBooks
www.aisnakeoil.com/p/starting-r...
Starting reading the AI Snake Oil book online today
The book will be published on September 24
December 8, 2024 at 10:04 AM
Exploring client side storage #appsec #asvs #asvs8.2.2 #asvs8.2.3
Many thanks to Shruti Kulkarni for presenting her talk "I Know What You Did Last Summer" at the OWASP London Chapter Meetup last Monday! The recording of the talk is now available to watch 📺 here:
👇
youtu.be/ZT5ruU74gcM?...
I know what you did last summer - Shruti Kulkarni
YouTube video by OWASP London
December 1, 2024 at 6:19 AM
Interesting how people are complaining about the change to Strava API terms of use without explaining how they are bad for the users. All I see is people crying about how inconvenient it is for their business.
#strava #stravaapi #privacy #dataprotection
press.strava.com/articles/upd...
Updates to Strava’s API Agreement
November 30, 2024 at 6:19 AM
Reposted by Greg Balnis on Cybersecurity
How do I play OWASP Cornucopia without any knowledge of threat modeling or OWASP?

You will find that it is surprisingly easy: just watch this video by Grant Ongers.

m.youtube.com/watch?v=XXTP...

#cybersec #appsec #owasp #infosec #threatmodeling #cornucopia #gameification
How to play OWASP Cornucopia
YouTube video by OWASP Foundation
November 29, 2024 at 6:24 AM