Mesut Oezdil: "On Out-of-band Application Security Testing (OAST)". OAST detects hidden security vulnerabilities by analyzing external interactions of applications. It complements SAST and DAST, offering… (Sep 23)
Lasantha Sanjeewa Silva: "Integrating Trivy and SonarQube with Jenkins Pipeline". In this project, I will create a full CI/CD pipeline using Jenkins, incorporating SonarQube for code quality analysis and Trivy for… (Sep 17)
Krzysztof Pranczk in ITNEXT: "A Practical Approach to SBOM in CI/CD Part II — Deploying Dependency-Track". The article presents how to store and analyse Software Bill of Materials with OWASP Dependency-Track to identify security vulnerabilities… (Sep 26, 2023)
Fred Blaise: "Including risk acceptance in vulnerability management". Every business takes risks, just as engineers take risks every day to meet business demands. Risk is certainly not something to avoid at… (Jan 21, 2021)
Leandro B. in DevRoot: "Deploying Dependency Track as a Container in Azure and building a PipeLine with Azure Devops". In this article I will be showing how to deploy OWASP Dependency Track into an Azure Container and use it as an application. I will also… (Aug 1, 2020)
SchesmuTwo: "Build Your Own Lab SOC: A Step-by-Step Guide to Creating a SOC from Scratch — Part 2". Introduction (Aug 221)
Rebman K.: "Lab #3: Blocking SSH Brute-force Attacks with Active Response in Wazuh". Hello and welcome back!! In the previous Lab, we looked at detecting brute force attacks using Wazuh. This post will discuss blocking… (Feb 1)
Rebman K.: "Cybersecurity Home-lab: pt 2". Welcome back to this thrilling series of home-lab building. In part 1 of this series, we installed and configured pfSense. Today we will… (Apr 161)
Rebman K.: "Active Directory Pentesting Lab Build". In this post, we build an Active Directory Lab for pen-testing. This lab is based on the TCM Security Practical Ethical Hacking Course. Get… (Apr 2)
Rebman K.: "Cybersecurity Home-lab: pt 1". Hello there! Welcome to the world of cybersecurity home-lab building! In this write-up, I’ll be sharing my journey and insights into… (Apr 15)
Rebman K.: "Cybersecurity Home-lab (Pt 4): Adversary Emulation using Atomic Red Team and detection using Wazuh." Introduction (Jul 31)
Khoa: "SOC Simulator | MyDFIR: 30-Day SOC Analyst Challenge". With Steven from the MyDFIR YouTube channel leading the way, I’ve started a 30-day challenge to enhance my cybersecurity operations skills… (Oct 12)
Tamir Suliman: "Streamlining Cyber Incident Response: Deploying TheHive with Docker Simplified". TheHive Deployment with Docker: A Step-by-Step Guide (Jul 4)
Harshad Shah in Offensive Black Hat Hacking & Security: "Kali New Release 2024.3 | Explore 11 New Tools for Hacking". Advanced Penetration Testing using Kali Linux | Hacker Associate (Sep 151)
cyber_pix: "DevSecOps and Cloud-Native Security: A Perfect Match". The rapid evolution of cloud computing has ushered in a new era of software development, characterized by speed, agility, and scalability… (Aug 14)
Amine Moussa: "Step-by-Step Guide to Installing Wazuh and Wazuh Agent for Enhanced Security Monitoring". Introduction: (May 28)
Başak Erdoğan in System Weakness: "Understanding IDOR Vulnerabilities: Examples and Prevention in Modern Microservice Architectures". What is IDOR? (Jul 25)
Başak Erdoğan in System Weakness: "Finding Endpoints and Secrets in JavaScript Files for Web Application Security". In web application security, JavaScript files can potentially contain sensitive information. Endpoints, API keys, secret keys, and other… (Jul 3)
Başak Erdoğan: "Security Analysis with Open Source SBOM Projects: Using CycloneDx and Dependency-Track". SBOM (Software Bill of Materials) stands for a detailed list of all components, libraries, and dependencies used in a software project… (Jun 4)