With COVID, the objective has remained the same, but the problems and the day-to-day have changed. We continue to protect the organization, we continue to secure our data, and we continue to protect users. But for each of the defense lines (operation, strategic and ), many things must be adapted.
1st line of defense: Operation
The responsibility is the continuity of operations, security monitoring, security incident management, and the assurance and implementation of controls.
The 3 pillars (process, people and technology) remain. We must still ensure visibility, control and responsiveness. …
If you are an ethical hacker, bug hunter or penetration tester, you know that time is money. Gathering information, scanning for vulnerabilities, finding a bug and writing reports can be time-consuming and boring tasks. So we have prepared this list of the most common vulnerabilities that are reported frequently. This can save you some budget.
1. LOGIN/LOGOUT/NEWSLETTER CSRF
This is often reported as best practice but 99% of these reports are harmless and do not describe a real security risk.
Implement a CSRF protection mechanism that applies to all forms and even protects logged out users. …
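One way to meet this recommendation for forms submitted before login, as an added example that is not from the original post: the CSRF token is bound by HMAC to an anonymous visitor cookie, so it does not depend on an authenticated session. The names `visitor_id`, `csrf_token`, `SERVER_KEY` and `handle_form_post` are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
from typing import Optional

# Assumption: a per-deployment secret that never leaves the server.
SERVER_KEY = secrets.token_bytes(32)


def new_visitor_id() -> str:
    """Random ID set as a cookie on first visit, before any login exists."""
    return secrets.token_urlsafe(16)


def _mac(visitor_id: str, nonce: str, key: bytes) -> str:
    return hmac.new(key, f"{visitor_id}.{nonce}".encode(), hashlib.sha256).hexdigest()


def issue_token(visitor_id: str, key: bytes = SERVER_KEY) -> str:
    """Token embedded as a hidden field in every form rendered for this visitor."""
    nonce = secrets.token_urlsafe(16)
    return f"{nonce}.{_mac(visitor_id, nonce, key)}"


def verify_token(visitor_id: Optional[str], token: Optional[str],
                 key: bytes = SERVER_KEY) -> bool:
    """Accept the token only if it was issued for this visitor cookie."""
    if not visitor_id or not token or token.count(".") != 1:
        return False
    nonce, mac = token.split(".")
    expected = _mac(visitor_id, nonce, key)
    # Compare as bytes in constant time; also tolerates non-ASCII input.
    return hmac.compare_digest(mac.encode(), expected.encode())


def handle_form_post(cookies: dict, form: dict) -> int:
    """Same check for login, logout and newsletter forms; returns an HTTP status."""
    if verify_token(cookies.get("visitor_id"), form.get("csrf_token")):
        return 200
    return 403


if __name__ == "__main__":
    vid = new_visitor_id()           # constructed sample visitor
    tok = issue_token(vid)
    print(handle_form_post({"visitor_id": vid}, {"csrf_token": tok}))  # accepted
    print(handle_form_post({"visitor_id": vid}, {}))                   # rejected
```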