by Meador Inge | Feb 18, 2020 | Cloud, Featured, News, Techniques, Tools, Web
Introduction At Carve we perform at a lot of web application security assessments. Once we (1) find a vulnerability, we (2) confirm that it’s reproducible, write a proof of concept (PoC) exploit for the vulnerability to determine the impact, and then (3) focus...
by Ángel Suárez-Bárcena Martín | Jan 23, 2020 | AWS, Cloud, News, Techniques
Security is often a big concern when it comes to cloud computing. According to the Cloud Security Alliance (CSA), traditional security issues under the responsibility of cloud service providers (CSPs) are now less frequent, in contrast with those related to design,...
by Brad Dixon | Aug 9, 2019 | Disclosures, News
If you missed Brad’s talk, sign up for his Webinar. You might not know it but right now thousands of athletes are training and competing in virtual worlds. I’m not talking about League of Legends or Fortnite. Those games aren’t the only eSports in...
by Sylvia Fronczak | Apr 26, 2019 | News
The latest buzzword to hit many of our ears attempts to give us a sense of safety and comfort. We’re no longer just doing DevOps. We’re doing DevSecOps! It’s not an unworthy goal. With DevSecOps, we’ve gone past just working through automation and continuous...
by Eric Boersma | Apr 8, 2019 | News
Any application connected to the internet is at risk for attacks from malicious outsiders. It’s important to check your application for vulnerabilities because they may lead to hacking or data leakage. Today’s security software comes in many forms, both free and paid....
by Sylvia Fronczak | Mar 19, 2019 | News
When you think of API security, you typically think about your own APIs. So you’ll make sure you’re using proper authentication and authorization on your web services. Then you’ll verify you’re using secure coding practices. And then you’ll even add monitoring and...
