WASM Security Assessment Techniques

WASM Security Assessment Techniques

Do we have a problem? The World Wide Web have been struggling with how to create portable, efficient and safe programs (pick two) for decades. The current best of breed attempt is called WebAssembly and is affectionately referred to as “WASM”. The project...
On Mitigation Strategies

On Mitigation Strategies

Introduction At Carve we perform at a lot of web application security assessments. Once we (1) find a vulnerability, we (2) confirm that it’s reproducible, write a proof of concept (PoC) exploit for the vulnerability to determine the impact, and then (3) focus...
Network monitoring with nmap

Network monitoring with nmap

Asset management is a problem we help many of our customers with. What are an organization’s assets, and how accurate and up-to-date is this information? Even with a mature asset management program, organizations want some form of validation of their result....