List of Purple Team Blogs I've done: - NEW: Purple Maturity Model scythe.io/library/introd… - Why assume breach? scythe.io/library/why-as… - Pain of PowerShell: scythe.io/library/the-co… - Intro to Adversary Emulation: scythe.io/library/introd… #PurpleTeam…

Today we are proposing a preliminary answer to that question, which initially started out as Advanced Purple Teaming and evolved into something even larger in scope (sidenote: Advanced Purple Teaming is coming). Our answer is what we are calling the Purple…

In today’s cloud data centers and edge computing, attack surfaces have significantly increased, hacking has become industrialized, and most security control implementations are not coherent or consistent. The foundation of any data center or edge computing…

Now, we all agree that various cloud technologies such as SaaS SIEM help your Security Operations Center (SOC). However, there’s also a need to talk about how traditional SOCs are challenged by the…

In the aftermath of the Colonial Pipeline attack, global IT association and learning community ISACA polled more than 1,200 members in the United States and found that 84 percent of respondents believe ransomware attacks will become more prevalent in the…

The Kali Linux team has released Kaboxer, a tool for packaging tricky applications into Docker containers and managing them on Kali Linux.

I have created a simple mindmap to organise various test cases around Android Application Penetration Testing. Android Application Penetration Testing Mindmap: xmind.net/m/paUMuU I hope you find it useful. #appsec #mobileappsec #infosec #bugbountytips #bugbounty

A ZeroNorth survey of 250 global security, DevOps and IT professionals, highlights the current state of AppSec and the journey to DevSecOps.

Сайт Международной организации по стандартизации (ИСО) сообщил о публикации в марте 2021 года нового технического отчёта ISO/TR 21332:2021 «...

🎓 Path to a free self-taught education in Computer Science! - ossu/computer-science

# EU MITRE ATT&CK® Community Workshop – Slide decks The 2025 EU ATT&CK Community Workshop has taken place on 15 May 2025. The slide decks of the presentations at the event can be downloaded on the following link: Presentations at the 2025 EU MITRE ATT&CK…

To help the energy industry improve its resilience against cyber risk, the World Economic Forum has convened over 40 senior executives to establish a blueprint for evaluating cyber risk across the oil and gas industry. This White Paper is the result of their…

ФСТЭК совместно с ФГБУН "Институт системного программирования им. В.П.Иванникова Российской академии наук" и медиагруппой "Авангард" разместил на сайте видеолекции на тему фаззинг-тестирования twitter.com/gniiiptzi/stat…

The new cryptographic standards will likely underpin IT design and guide industrial purchasing decisions for decades to come.

This document outlines the result of work package 11 of the project “SiSyPHuS Win10: Studie zu Systemaufbau, Protokollierung, Härtung und Sicherheitsfunktionen in Windows 10” (orig., ger.). This project is being conducted by the company ERNW Enno Rey Netzwerke…

As technological and legal changes have hollowed out the protections that reporters and news organizations have depended upon for decades, information securi... | CUP

Microsoft выложили (точнее обновили) презентацию с описанием Microsoft Cybersecurity Reference Architectures docs.microsoft.com/en-us/security…