est.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
est.social is meant to be a general use Mastodon server for Estonia.

Server statistics: 85 active users

#pentesting

4 posts, 4 participants, 0 posts today
Bill<p>I really need to order a new pack of this. <a href="https://infosec.exchange/tags/pentesting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pentesting</span></a></p>
Bill<p>NIST getting in on the AI security bandwagon. I'd be happier about that if I trusted anyone in the district anymore.</p><p><a href="https://www.infosecurity-magazine.com/news/nist-limitations-ai-ml-security/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">infosecurity-magazine.com/news</span><span class="invisible">/nist-limitations-ai-ml-security/</span></a></p><p>What we really need is some edits to the PTES or something with a GenAI test plan.</p><p><a href="https://infosec.exchange/tags/genai" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>genai</span></a> <a href="https://infosec.exchange/tags/pentesting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pentesting</span></a></p>
0x40k<p>Whoa, the IT security world was on FIRE this week! 🤯 Open source supply chain attacks, malware sneaking into the Play Store, ransomware bypassing EDR... and is AI just pouring gasoline on the phishing flames?! Seriously intense! 😳 Cloud security's getting a raw deal and let's be real, backups are only as good as their security.</p><p>It's wild how rapidly the threat landscape's evolving, isn't it? Gotta stay sharp, folks! Automated vulnerability scans? They're definitely nice, but manual penetration tests are still essential. And AI? Awesome tech, but also seriously risky. Disinformation and manipulation are spiraling out of control. We've gotta stay vigilant!</p><p>So, what are *your* biggest IT security pain points right now? Spill the beans!</p><p><a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/pentesting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pentesting</span></a> <a href="https://infosec.exchange/tags/offensiveSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>offensiveSecurity</span></a></p>
0x40k<p>Alright, Okta and similar tools are cool and all, but don't think they're a get-out-of-jail-free card for security! 😉 I frequently see IAM systems configured incorrectly. For instance, MFA is often forgotten. What about outdated accounts? Or giving admin rights to everyone? Boom! You've got a potential breach on your hands. 💥</p><p>Listen up: IAM isn't just about setting it up and forgetting about it; you've *got* to *live* it! Automation definitely helps, but it's no substitute for manual checks. Regular pentests are a must, and certificates only tell part of the story. 📃</p><p>So, what IAM best practices do you use (beyond the standard documentation)? 🤔 Let's share some insights! <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/pentesting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pentesting</span></a> <a href="https://infosec.exchange/tags/okta" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>okta</span></a> <a href="https://infosec.exchange/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a></p>
Bill<p>Hey <a href="https://infosec.exchange/tags/appsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>appsec</span></a> people. How do you handle organization of testing artifacts when you are dealing with tons of apps? I have a new client in deep water, their app suite is 20 years old and shows it. They have 53 endpoints. </p><p>My testing strategy is not designed for that.</p><p>How do you keep things organized? Is there a cool tool I need to know about? Is it Burp Suite Enterprise time for POINT? How do you keep your notes?</p><p>I know a lot of this is kinda up to your own personal philosophy for testing, but I thought it would make for informative conversation fodder for St. Paddy. ☘️ </p><p><a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/pentesting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pentesting</span></a></p>
Bill<p>Apropos of nothing, PeopleSoft uses 303 See Other as a response code for auth redirects and whatnot. It's pointed out a weakness in all the cool filters I use. Always learning. <a href="https://infosec.exchange/tags/pentesting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pentesting</span></a> <a href="https://infosec.exchange/tags/appsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>appsec</span></a></p>