The content delivery networks (CDN) product category has two market leaders — Cloudflare and Akamai. Both are extremely well-known and are used by thousands of businesses across different industries and geographies. We are going to compare them from the cybersecurity perspective as this is what we are doing for a…

During one of the recent cybersecurity conferences, I heard the idea that hacking a connected car can’t result in significant business risks. The logic is obvious: the car’s cost is insignificant compared to the multi-million worth of corporate assets. …

Hi folks, before we have reviewed the top ten tools for Android penetration testing and security assessment, and today we are gonna talk about Apple iOS. Some of the tools which were described in a previous article are also applicable for iOS. All presented tools are our individual selection. The List Frida…

Hi folks, we’re researching open-source Android security assessment tools today! These tools are useful for penetration testing, security assessment, and DevSecOps engagements. The List MobSF — It’s the most popular tool for security assessment for both Android and iOS platforms. Although the tool is built for Android application analysis — supports static…

This is a guest story from Igor Voschyk — an experienced security expert, who conducted penetration testing & red teaming for variety of industries — financial institutions, oil&gas, mobile network operators and automotive. Intro Day by day high-profile orgs are facing increased cybersecurity risks. …

This time we compare uncomparable — two distinct brands within DevSecOps secrets management space — RedHat OpenShift secrets and KeyWhiz from Square. Both pieces have one thing in common — they come literally for free, because OpenShift secrets is a built-in feature of RedHat OpenShift and KeyWhiz is an Open…

This time we compare two brands with Open Source secrets management software — Hashicorp Vault Open Source Edition and KeyWhiz from Square. While Hashicorp is widely known Keywhiz is not, it has been developed for internal purposes of Square and its server provides JSON APIs for accessing and managing secrets…

Secrets management space has two distinct kinds — cloud-based and universal, for instance — Hashicorp and AWS Secrets Manager. Surely we can compare these two when we cover AWS infrastructure with our applications running on top and secrets spread across. Which solution is better? Deployment and setup There is massive evidence regarding Hashicorp —…

We researched how companies apply API Gateways to protect their API endpoints and assets and here’s what we discovered from 10 CTOs, CEOs and Engineers from the US, Canada and Germany: “1. APIs are the digital connectors that enable businesses to communicate with the rest of the world. Unfortunately, malicious…