Join us

heart Posts from the community tagged with DevSecOps...
Sponsored Link FAUN Team
@faun shared a link, 1 year ago

Read DevSecOps Weekly

DevSecOps Weekly Newsletter, Zeno. Curated DevSecOps news, tutorials, tools and more - Join thousands of other readers, 100% free, unsubscribe anytime. 

Story
@tutorialboy24 shared a post, 1 year, 5 months ago
tut

Spring Actuator - Stealing Secrets Using Spring Actuators - Part 1:

Spring is a set of frameworks for developing Applications in Java. It is widely used, and so it is not unusual to encounter it during a security audit or penetration test. One of its features that I recently encountered during a Whitebox audit is actuators. In this series of articles, I will use the..

Blue Sky Photocentric Youtube Channel Art.png
Story
@tutorialboy24 shared a post, 1 year, 5 months ago
tut

Turning cookie based XSS into account takeover

EpilogueI reported the exploitation scenario and was rewarded €500, as the impact was high. Be patient, don’t give up, and think out of the box. In this case, I used the company’s service to exploit the bug.Source :- https://tutorialboy24.blogspot.com/2022/09/turning-cookie-based-xss-into-account.ht..

xss.png
Story
@tutorialboy24 shared a post, 1 year, 5 months ago
tut

Exploiting Amazon Simple Notification Service Improper Validation of SigningCertUrl

IntroductionCountless applications rely on Amazon Web Services’ Simple Notification Service for application-to-application communication such as webhooks and callbacks. To verify the authenticity of these messages, these projects use certificate-based signature validation based on the SigningCertURL..

v (1).png
Story
@boldlink shared a post, 1 year, 7 months ago
AWS DevOps Consultancy, Boldlink

Adopting DevSecOps

What is DevSecOps?DevSecOps refers to integrating security objectives as early as possible in a DevOps software delivery model. In DevsecOps, security is introduced as a shared responsibility from the beginning to the end of the software development lifecycle.DevSecOps also includes automating some ..

DevOps 7.jpg
Story
@boldlink shared a post, 1 year, 9 months ago
AWS DevOps Consultancy, Boldlink

AWS Security Intro – 4. Data

When it comes to Data, we understand that misconfigurations can expose your data to be exposed or exploited against our customers. But if guided in the correct way to use the best solutions on AWS, they can avoid the misconfigurations and pitfalls of having an abundance of choices on AWS.AWS Shared ..