#jobs #incident #vulnerability #patch-management #security-tools #ai #exploit #malware #detection-engineering #phishing #cloud #aws #authentication #ransomware #breach
Articles tagged with: #security-testing Clear filter
How to transition into Cybersecurity Threat Intelligence (CTI)/Malware reverse engineering from System Testing Engineering on Cloud WAFs?

How to transition into Cybersecurity Threat Intelligence (CTI)/Malware reverse engineering from System Testing Engineering on Cloud WAFs?

cybersecurity www.reddit.com

I have 9+ years of experience as a system testing engineer, focusing mainly on cloud web application firewalls (WAFs) and security testing in cloud environments. I'm interested in moving into the Cybersecurity Threat Intelligence (CTI)/Malware engineering field. What skills, certifications, or resources would you recommend to help someone with my background make this transition? Are there particular projects, labs, or communities I should get involved with? Also, are there any open-source CTI...

#cloud #malware #security-testing
How to persuade your boss to have a purple team 👾engagement performed...

How to persuade your boss to have a purple team 👾engagement performed...

cybersecurity www.reddit.com

Most security practitioners understand and appreciate the value of security testing and purple teams. But not all leadership will buy into it initially. Some thoughts I hope help change that. Using the Capita breach as supporting evidence. Ps - Thanks to stewart_sec on X for calling attention to this report. TLDR what happened: Malware got on a computer. A high alert was generated. No action by the SOC. ~4 hours later the TA logged into a host with a DA account. They had achieved privilege...

#breach #incident #malware #security-testing #purple-team
Advanced Termux Users: What is the most stable rooted environment for Wipwn/Aircrack on an older Android?

Advanced Termux Users: What is the most stable rooted environment for Wipwn/Aircrack on an older Android?

cybersecurity www.reddit.com

Hello everyone, I'm currently working on a personal project to practice network pen-testing skills using Wipwn for Wi-Fi auditing. Since the core tools require root access (a crucial step that beginners often overlook), I'm running into some kernel issues on my spare phone. My goal is to find the most stable combination for ethical, non-production testing. My Current Setup & Issues: Device: Older Android device dedicated purely to security testing. Tools: Wipwn, Aircrack-ng (via Termux from...

#security-testing
A Mapping Analysis of Requirements Between the CRA and the GDPR

A Mapping Analysis of Requirements Between the CRA and the GDPR

cs.CR updates on arXiv.org arxiv.org

arXiv:2503.01816v2 Announce Type: replace-cross Abstract: A new Cyber Resilience Act (CRA) was recently agreed upon in the European Union (EU). The paper examines and elaborates what new requirements the CRA entails by contrasting it with the older General Data Protection Regulation (GDPR). According to the results, there are overlaps in terms confidentiality, integrity, and availability guarantees, data minimization, traceability, data erasure, and security testing. The CRA's seven new...

#security-testing #gdpr
Veracode Named Leader in Gartner Magic Quadrant for App Security Testing

Veracode Named Leader in Gartner Magic Quadrant for App Security Testing

Cyber Security - AI-Tech Park ai-techpark.com

Company Recognized for its Ability to Execute and Completeness of Vision Veracode, the global leader in application risk management, has once again been positioned as a Leader in the 2025 Gartner(R) Magic Quadrant(TM) for Application Security Testing (AST)¹. This marks the company's 11th consecutive time as a Leader since the report...

#security-testing
BlackIce: A Containerized Red Teaming Toolkit for AI Security Testing

BlackIce: A Containerized Red Teaming Toolkit for AI Security Testing

cs.CR updates on arXiv.org arxiv.org

arXiv:2510.11823v1 Announce Type: new Abstract: AI models are being increasingly integrated into real-world systems, raising significant concerns about their safety and security. Consequently, AI red teaming has become essential for organizations to proactively identify and address vulnerabilities before they can be exploited by adversaries. While numerous AI red teaming tools currently exist, practitioners face challenges in selecting the most appropriate tools from a rapidly expanding...

#vulnerability #ai #security-testing
pentest-ai-killer - A pentesting toolkit for AI MCP Agent

pentest-ai-killer - A pentesting toolkit for AI MCP Agent

cybersecurity www.reddit.com

Hi everyone, I have built the pentest-ai-killer and wanted to share it with the community. Link: https://github.com/vietjovi/pentest-ai-killer/ What it is? A lightweight, open-source toolkit (MCP Agent) that helps automate parts of security testing with AI assistance. It's designed to speed up repetitive tasks, surface interesting leads, and improve exploratory pentesting workflows. Feedback welcome - issues, PRs, feature requests, or real-world use cases. If you find it useful, stars and...

#ai #red-team #security-testing