ForAllSecure Launches The Hacker Mind Podcast

ForAllSecure has launched an original podcast focused on hackers that’s available on Apple and Google (with more options to come). The Hacker Mind is a narrative-style podcast, meaning we’ll be able to dig deep into subjects by interviewing more than one expert. And it’s hosted by Robert Vamosi, a CISSP and award-winning journalist and..


FuzzCon TV Tackles Federal Fuzz Testing

Continuing the discussions started at our successful FuzzCon event held earlier this year, ForAllSecure is hosting a series of follow-up sessions online called FuzzCon TV (formerly A Fuzzing Affair). Our second episode is hosted by Matt Venditto, VP for Federal Sales at ForAllSecure, and covers topics related to federal software systems. Guests..


FuzzCon TV Launches With An Introduction to Fuzzing Panel

Following a successful FuzzCon event held in person at RSAC in San Francisco earlier this year, ForAllSecure is continuing the discussion with a series of follow-up sessions online called FuzzCon TV (formerly A Fuzzing Affair). The first episode is designed to be an introduction to fuzzing. It is hosted by Chelsea Mastilak, Corporate & Field..


Life As A Professional Hacker

Last month Guido Vranken hosted a successful Reddit AMA, sharing insight on his experience as a professional vulnerability researcher. Top questions from Reddit included what advice he had for someone looking to make money from vulnerability research, his process for hacking, and what advice he had specifically for someone heading off to..


Challenging ROI Myths Of Software Application Security Testing (SAST)

There are several benefits to using Static Analysis Security Testing (SAST) for your software security. Having previously worked at Coverity (now Synopsys), I’m intimately familiar with the arguments in favor of using SAST. While there have been a lot of successes (such as adoption in the OSS community through Coverity SCAN), I’ve also seen..


Why fuzzing is your friend for DevSecOps

Leaders proactively mitigate risk. One large risk they can mitigate is being blindsided by an unknown software vulnerability. Attackers who find an unknown vulnerability can potentially exploit all of an agency’s systems. When agency IT teams find a vulnerability first, they can make sure it is fixed or remediated before an attack occurs. With..


Demystifying a Docker Image

Six months ago ForAllSecure started analyzing Docker images. What does this mean? Imagine we have a user who wants us to fuzz their application. How do they give it to us? Do they tar it up? Do they give us access to an environment where it’s running? Do we integrate into their build pipeline? Applications are an entire ecosystem -- they..


Top 3 Webinar Takeaways: “Continuous Fuzzing: The Trending Security Technique Among Silicon Valley’s Tech Behemoths”

Over the last decade, there’s been an uptick in progressive Silicon Valley tech behemoths adopting an application security testing technique called continuous fuzzing. While effective, fuzzing largely remains a hidden secret to the larger developer and security communities.
