software

OpenARIA: Open-source edition of the Aviation Risk Identification and Assessment (ARIA)

GitHub, MITRE, News, open source, software /

OpenARIA: Open-source edition of the Aviation Risk Identification and Assessment (ARIA) 2024-03-08 at 06:51 By Mirko Zorz MITRE now offers an open-source version of its Aviation Risk Identification and Assessment (ARIA) software suite, OpenARIA. This initiative is dedicated to enhancing aviation safety and efficiency through the active involvement of the aviation community. ARIA suite The […]

React to this headline:

Loading spinner

OpenARIA: Open-source edition of the Aviation Risk Identification and Assessment (ARIA) Read More »

Tazama: Open-source real-time fraud management

Compliance, cybersecurity, fraud, GitHub, monitoring, News, open source, software, The Linux Foundation /

Tazama: Open-source real-time fraud management 2024-03-07 at 07:39 By Help Net Security Tazama is an open-source platform focused on improving fraud management within digital payment systems. Tazama marks a substantial transformation in the approach to financial monitoring and compliance worldwide. Previously, the financial sector struggled with proprietary solutions that were both expensive and restrictive, impeding

React to this headline:

Loading spinner

Tazama: Open-source real-time fraud management Read More »

5 ways to keep API integrations secure

API security, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, Merge, News, opinion, SIEM, software, update /

5 ways to keep API integrations secure 2024-03-06 at 08:20 By Help Net Security API integrations often handle sensitive data, such as employees’ personally identifiable information (PII), companies’ financial information, or even clients’ payment card data. Keeping this data safe from attackers—while ensuring that the integrations perform at the desired level—requires adopting several security measures.

React to this headline:

Loading spinner

5 ways to keep API integrations secure Read More »

RiskInDroid: Open-source risk analysis of Android apps

Android, code analysis, Don't miss, GitHub, Hot stuff, News, open source, scanning, software /

RiskInDroid: Open-source risk analysis of Android apps 2024-03-06 at 07:30 By Mirko Zorz RiskInDroid (Risk Index for Android) is an open-source tool for quantitative risk analysis of Android applications based on machine learning techniques. How RiskInDroid works “A user should be able to quickly assess an application’s level of risk by simply glancing at RiskInDroid’s

React to this headline:

Loading spinner

RiskInDroid: Open-source risk analysis of Android apps Read More »

PyRIT: Open-source framework to find risks in generative AI systems

Adversa AI, AppOmni, Artificial Intelligence, cybersecurity, Don't miss, generative AI, Hot stuff, Microsoft, News, open source, Python, red team, software /

PyRIT: Open-source framework to find risks in generative AI systems 2024-03-04 at 08:02 By Mirko Zorz Python Risk Identification Tool (PyRIT) is Microsoft’s open-source automation framework that enables security professionals and machine learning engineers to find risks in generative AI systems. PyRIT has been battle-tested by Microsoft’s AI red team. It started as a collection

React to this headline:

Loading spinner

PyRIT: Open-source framework to find risks in generative AI systems Read More »

98% of businesses linked to breached third parties

cybercrime, cybersecurity, News, report, Risk Management, SecurityScorecard, software, supply chain, third party compromise /

98% of businesses linked to breached third parties 2024-03-01 at 06:32 By Help Net Security According to the updated SEC regulations on cybersecurity incident disclosure, findings by SecurityScorecard reveal that 98% of companies are associated with a third party that has experienced a breach. It often takes months or longer for breaches to become public

React to this headline:

Loading spinner

98% of businesses linked to breached third parties Read More »

BobTheSmuggler: Open-source tool for undetectable payload delivery

cybersecurity, Don't miss, GitHub, Hot stuff, News, open source, penetration testing, software /

BobTheSmuggler: Open-source tool for undetectable payload delivery 2024-02-29 at 08:03 By Mirko Zorz BobTheSmuggler is an open-source tool designed to easily compress, encrypt, and securely transport your payload. It basically enables you to hide a payload in plain sight. BobTheSmuggler is helpful in phishing campaign assessments, data exfiltration exercises, and assumed breach scenarios. Features Hiding

React to this headline:

Loading spinner

BobTheSmuggler: Open-source tool for undetectable payload delivery Read More »

92% of companies eyeing investment in AI-powered software

Gartner, investment, News, report, security spending, software, survey /

92% of companies eyeing investment in AI-powered software 2024-02-23 at 06:02 By Help Net Security In 2024, buyers are increasingly focused on cost efficiency, AI functionality, and enhanced security, according to Gartner. The report reveals that 61% of buyers are seeking upgrades for more functionality in their recently purchased software. The need to upgrade reflects

React to this headline:

Loading spinner

92% of companies eyeing investment in AI-powered software Read More »

TruffleHog: Open-source solution for scanning secrets

authentication, cybersecurity, Don't miss, GitHub, Hot stuff, News, open source, scanning, software /

TruffleHog: Open-source solution for scanning secrets 2024-02-21 at 07:31 By Mirko Zorz TruffleHog is an open-source scanner that identifies and addresses exposed secrets throughout your entire technology stack. “TruffleHog was originally a research tool I independently authored in 2016. When I published it, no tools were scanning Git revision history for secrets. My hunch was

React to this headline:

Loading spinner

TruffleHog: Open-source solution for scanning secrets Read More »

CVE Prioritizer: Open-source tool to prioritize vulnerability patching

CVE, cybersecurity, Don't miss, GitHub, Hot stuff, News, open source, software /

CVE Prioritizer: Open-source tool to prioritize vulnerability patching 2024-02-19 at 08:01 By Mirko Zorz CVE Prioritizer is an open-source tool designed to assist in prioritizing the patching of vulnerabilities. It integrates data from CVSS, EPSS, and CISA’s KEV catalog to offer insights into the probability of exploitation and the potential effects of vulnerabilities on your

React to this headline:

Loading spinner

CVE Prioritizer: Open-source tool to prioritize vulnerability patching Read More »

5 free digital forensics tools to boost your investigations

computer forensics, cybersecurity, digital forensics, Don't miss, GitHub, Hot stuff, News, software /

5 free digital forensics tools to boost your investigations 2024-02-15 at 07:32 By Help Net Security Digital forensics plays a crucial role in analyzing and addressing cyberattacks, and it’s a key component of incident response. Additionally, digital forensics provides vital information for auditors, legal teams, and law enforcement agencies in the aftermath of an attack.

React to this headline:

Loading spinner

5 free digital forensics tools to boost your investigations Read More »

Product showcase: SearchInform Risk Monitor – next-gen DLP based insider threat mitigation platform

cybersecurity, News, Product showcase, SearchInform, software /

Product showcase: SearchInform Risk Monitor – next-gen DLP based insider threat mitigation platform 2024-02-13 at 06:31 By Help Net Security Basically, DLP systems are aimed at prevention of data leaks, and in real-life mode they monitor and block (if required) transmitting of confidential data. However, the traditional approach to DLP system isn’t sufficient. That’s why

React to this headline:

Loading spinner

Product showcase: SearchInform Risk Monitor – next-gen DLP based insider threat mitigation platform Read More »

Integrating cybersecurity into vehicle design and manufacturing

automotive security, connected cars, cyberattacks, cybersecurity, Don't miss, Features, Hot stuff, News, opinion, REE Automotive, risk assessment, software, standards, strategy, supply chain /

Integrating cybersecurity into vehicle design and manufacturing 2024-02-12 at 08:01 By Mirko Zorz In this Help Net Security interview, Yaron Edan, CISO at REE Automotive, discusses the cybersecurity landscape of the automotive industry, mainly focusing on electric and connected vehicles. Edan highlights the challenges of technological advancements and outlines strategies for automakers to address cyber

React to this headline:

Loading spinner

Integrating cybersecurity into vehicle design and manufacturing Read More »

SiCat: Open-source exploit finder

451 Research, Don't miss, exploit, GitHub, Hot stuff, News, open source, software /

SiCat: Open-source exploit finder 2024-02-12 at 06:31 By Mirko Zorz SiCat is an open-source tool for exploit research designed to source and compile information about exploits from open channels and internal databases. Its primary aim is to assist in cybersecurity, enabling users to search the internet for potential vulnerabilities and corresponding exploits. Akas Wisnu Aji,

React to this headline:

Loading spinner

SiCat: Open-source exploit finder Read More »

SOAPHound: Open-source tool to collect Active Directory data via ADWS

Active Directory, Don't miss, GitHub, Hot stuff, News, open source, software /

SOAPHound: Open-source tool to collect Active Directory data via ADWS 2024-02-08 at 07:02 By Mirko Zorz SOAPHound is an open-source data collection tool capable of enumerating Active Directory environments through the Active Directory Web Services (ADWS) protocol. How SOAPHound works SOAPHound is a substitute for various open-source security tools typically employed for extracting data from

React to this headline:

Loading spinner

SOAPHound: Open-source tool to collect Active Directory data via ADWS Read More »

Prowler: Open-source security tool for AWS, Google Cloud Platform, Azure

AWS, cybersecurity, database security, Don't miss, GitHub, Hot stuff, News, open source, software /

Prowler: Open-source security tool for AWS, Google Cloud Platform, Azure 2024-02-07 at 07:31 By Mirko Zorz Prowler is an open-source security tool designed to assess, audit, and enhance the security of AWS, GCP, and Azure. It’s also equipped for incident response, continuous monitoring, hardening, and forensics preparation. Details The tool includes hundreds of controls that

React to this headline:

Loading spinner

Prowler: Open-source security tool for AWS, Google Cloud Platform, Azure Read More »

Latio Application Security Tester: Use AI to scan your code

Artificial Intelligence, cybersecurity, Don't miss, GitHub, Hot stuff, News, open source, OpenAI, software /

Latio Application Security Tester: Use AI to scan your code 2024-02-05 at 08:02 By Mirko Zorz Latio Application Security Tester is an open-source tool that enables the usage of OpenAI to scan code from the CLI for security and health issues. Features and future plans James Berthoty, the creator of Latio Application Security Tester, told

React to this headline:

Loading spinner

Latio Application Security Tester: Use AI to scan your code Read More »

CVEMap: Open-source tool to query, browse and search CVEs

CISA, CVE, cybersecurity, Don't miss, GitHub, HackerOne, Hot stuff, News, open source, Project Discovery, software /

CVEMap: Open-source tool to query, browse and search CVEs 2024-02-01 at 07:01 By Mirko Zorz CVEMap is an open-source command-line interface (CLI) tool that allows you to explore Common Vulnerabilities and Exposures (CVEs). It’s designed to offer a streamlined and user-friendly interface for navigating vulnerability databases. Although CVEs are crucial for pinpointing and discussing security

React to this headline:

Loading spinner

CVEMap: Open-source tool to query, browse and search CVEs Read More »

Free ransomware recovery tool White Phoenix now has a web version

cybercrime, cybersecurity, disaster recovery, Don't miss, Hot stuff, Malware, News, Ransomware, software /

Free ransomware recovery tool White Phoenix now has a web version 2024-01-31 at 10:17 By Help Net Security White Phoenix is a free ransomware recovery tool for situations where files are encrypted with intermittent encryption. It was tested on BlackCat/ALPHV Ransomware, Play Ransomware, Qilin/Agenda Ransomware, BianLian Ransomware, and DarkBit. Intermittent encryption occurs when ransomware chooses

React to this headline:

Loading spinner

Free ransomware recovery tool White Phoenix now has a web version Read More »

Faction: Open-source pentesting report generation and collaboration framework

Don't miss, GitHub, News, open source, penetration testing, report, software /

Faction: Open-source pentesting report generation and collaboration framework 2024-01-30 at 07:31 By Mirko Zorz Faction is an open-source solution that enables pentesting report generation and assessment collaboration. Josh Summitt, the creator of Faction, has always disliked the process of writing reports, preferring to focus on uncovering bugs. A key frustration for him was the redundant

React to this headline:

Loading spinner

Faction: Open-source pentesting report generation and collaboration framework Read More »

Scroll to Top