#security Articles


Ostorlab
Life of a Scan: how Ostorlab's open-source vulnerability scanner works
Tue 02 August 2022

This article talks about how Ostorlab works under the hood.

Attack Surface Management
Attack Surface Insights - part 2
Thu 16 June 2022

Attack Surface is not just about open ports and services; this article covers key insights beyond the standard technical ones.

Attack Surface Management
Mapping your Attack Surface - part 1
Tue 17 May 2022

Attack surface mapping has become the number one headache of CISO's of most large organization, this article goes over techniques and tools used by Ostorlab to enable powerful and accurate attack surface discovery and monitoring.

Ostorlab
Ostorlab is Open-Source 🎊
Mon 21 February 2022

This is a major release open-sourcing Ostorlab and announcing tons of new features and capabilities.

Web
Finding superhuman XSS polyglot payloads with Genetic Algorithms
Mon 01 March 2021

The following article is a technical deep dive into how genetic algorithms can be leveraged to create superhuman XSS polyglot payloads.

Autonomous Security
Autonomous Security: Pushing Security Automation to the Next Level
Mon 26 October 2020

The article introduces the term Autonomous Security in the context of security scanning and defines 5 tiers of maturity.

Web
DOM XSS Fuzzing strategies - Part 1
Sat 22 December 2018
By ASM

XSS are still by far the most common tyope of vulnerabilities, this article presents strategies to automate the search for XSSes.

Mobile
Hardcoded AWS keys in Mobile Applications
Thu 20 December 2018

This article is about how to manage AWS access keys when using AWS services in your mobile application.