All posts by Charlie

How we tracked down (what seemed like) a memory leak in one of our Go microservices

Detectify is driving the future of internet security with appsec solutions powered by automation and crowdsourcing of web vulnerabilities. Detectify is a cloud-native security solution built upon microservices and here comes a blog post from the tech team’s adventures. The...

/ September 5, 2019

3 Real Questions About Crowdsourced Security Vendors You Should Be Asking Yourself as a CISO

A Discussion with the CISOs of Domino’s and Creative Artists Agency Security has been straddling two worlds, one of tradition and compliance and the other of innovation and pragmatism. But innovation is quickly taking over as security practices are becoming...

/ September 5, 2019

Save 20+ Hours by Reading this Blog: 3 Ways to use Enhanced Comprehensive Reporting & Analysis

We know that reports and reporting have a reputation: they can be mindless and more burdensome than valuable. Take the TPS Report popularized by the character Bill Lumbergh in the cult classic film Office Space. Reports originally intended to provide...

/ September 4, 2019

Serving the Best with the Best: Synack Announces Productivity Assessment Program

When Synack was founded in 2013, we set out to change the security testing industry by building an elite platform and a trusted network of crowdsourced security researchers to test the world’s most hardened and mature targets. Over the years,...

/ August 26, 2019

Detectify now checks for File Disclosure in SSL VPNs – Pulse Secure and Fortinet

Pulse Secure and Fortinet have announced advisories detailing a critical vulnerability found that enables an unauthenticated user to conduct file disclosure in SSL VPN. Thanks to Detectify Crowdsource hackers, Detectify checks your website for these vulnerabilities and will alert you...

/ August 22, 2019

Saying Hello The Old Fashioned Way: The First Synack Hacker Hangout in Turkey

At Synack, we’ve built a model that gives our crowdsourced Red Team members the freedom to work from anywhere in the world as long as they have a WiFi connection. This allows our top hackers who want more flexibility in...

/ August 21, 2019

Introducing Asset Inventory: stay on top of your web asset security

Good security starts with knowing your web assets. To enable transparency over your tech stack, we have released Asset Inventory, a new view that helps you prioritize security issues and collaborate across teams to stay on top of your web...

/ August 6, 2019

Getting Ready for Black Hat and DEF CON by Building Trust: Join Us!

It’s just about time for the security world to head to Las Vegas next week for Black Hat, BSides Las Vegas, and DEF CON 27 to share stories, network with peers, and talk about new ideas presented by the best...

/ August 1, 2019

Meet the Team: Emelie Andersson – Building a fast-flying sales team

Swedish west coast native Emelie Andersson moved to the other side of the country 6 years ago to pursue a career in software sales. Today she is the Head of Sales for our EMEA team, and is leading the team...

/ August 1, 2019

Bypassing Cloudflare WAF with the origin server IP address

This is a guest blog post from Detectify Crowdsource hacker, Gwendal Le Coguic. This is a tutorial on how to bypass Cloudflare WAF with the origin server IP address. Detectify collaborates with trusted ethical hackers to crowdsource vulnerability research that...

/ July 31, 2019

Improving WordPress plugin security from both attack and defense sides

Paul is a front- & backend developer with a passion in security, who creates designs occasionally. After starting out with WordPress plugin vulnerabilities, he joined the bug bounty world and now also a white hat hacker in the Detectify Crowdsource...

/ July 23, 2019

A Deep Dive into XXE Injection

Written by Synack Sr. Security Program Analyst Trent GordonEditing and vulnerability reference by Senior Manager, Technical Operations Jake Garner In my career as a Security Program Analyst with Synack, I am privileged to see hundreds of unique attacks, every day,...

/ July 22, 2019