9 Photos and videos
It's so easy to get lost in remote work, it's great to get together and have these incredible experiences as a team!
Our idea of a team🍕 party? A Mediterranean cruise ⛴️from Rome to the world 🍕 capital, Naples 🇮🇹! Plus dancing in Mykonos 🕺💃, the views in Santorini 🇬🇷 and the ruins in Ephesus 🇹🇷 . We also hacked 👨💻 , played 🏀 ⚽️ & relaxed🧘 💆♂️. Can't wait for our next retreat!
#doyensec
1
78
Next up from @owasp's Global AppSec is our @maxenceschmitt. His talk shows how CSRF can still be found in modern applications which utilize typical defensive mechanisms, by leveraging Client-Side Path Traversal!
youtube.com/watch?v=O1ZN_OCf…
#doyensec #appsec #cspt2csrf #owasp
4
9
489
We're proud our testing helps ensure the security of @ThinkstCanary's OSS Canary Tokens! As part of their transparency efforts, you can read the results of our latest round of testing here:
doyensec.com/resources/Doyen…
#doyensec #appsec #security #thinkst
6
31
1,620
Our latest blog post from @a_denkiewicz discloses an unpatched local privilege escalation vulnerability, impacting Windows 11. Learn how Custom Actions can be leveraged to exploit the Windows Installer Service!
blog.doyensec.com/2024/07/18…
#doyensec #appsec #security
ALT Doyensec Research
14
35
2,214
This is really innovative research! Time to update how you test for CSRF!
CSRF in modern web apps? It's still possible! Our latest research by @maxenceschmitt dives into using Client-Side Path Traversal to perform CSRF. Check out our latest blogpost and brand new #Burp extension for finding bugs.
#doyensec #appsec #CSPT2CSRF
blog.doyensec.com/2024/07/02…
2
68
Always glad to hear such great reviews from one of our clients! Doyensec aims to be a trusted advisor for all aspects of @goteleport & all our clients' AppSec needs. Contact us today to see how we can help.
goteleport.com/blog/partneri…
#doyensec #appsec #security #observa #teleport
2
11
1,046
Our latest research looked at what really matters to #productsecurity teams in Software Composition Analysis (#supplychainsecurity) - comparing 3 popular tools. Which is best for you? Read the post! blog.doyensec.com/2024/03/14…
#doyensec #security #dependabot #snyk #semgrep #infosec
5
15
4,945
New blog post on our new Server Side Prototype Pollution Gadgets Scanner plugin for #BurpSuite! It features a modern detection approach and a focus on real-world exploitation. Download it today!
blog.doyensec.com/2024/02/17…
github.com/doyensec/Server-S…
#Doyensec #AppSec #websecurity
1
25
74
5,533
Want a free ticket to #BSidesSF on May 4th & 5th? We've got something for you! Submit a PR to #inQL, our #GraphQL security tool, before April 4th for a chance to win. Check it out now: github.com/doyensec/inql
#doyensec #appsec #bsides #security #opensourcesoftware #apisecurity
2
3
759
Start your appsec career off on the right foot!
If you're in the U.S. and looking to turn your #appsec passion into a career, check out our amazing (remote) summer #internship opportunity: doyensec.com/careers.html
#doyensec #intern #security #infosecurity #ctf #BugBounty
1
72
🔥Amazing new tool alert🔥
PoIEx, a new #Doyensec tool, identifies "Points of Intersection" where code & IaC definitions meet. Visualize & explore IaC, plus create & share real-time notes w/ teammates in VS Code. Try it out today‼️
blog.doyensec.com/2024/01/30…
github.com/doyensec/PoiEx
#CloudSecurity #appsec
1
77
🎉@PortSwigger 's "Top 10 Web Hacking Techniques" voting is open. #Doyensec has 2 🔥 entries - vote now!
1️⃣ A New Vector For “Dirty” Arbitrary File Write to RCE - @maxenceschmitt & @lorenzostella
2️⃣ SSRF Cross Protocol Redirect Bypass - Szymon Drosdzol
portswigger.net/polls/top-10…
1
10
26
2,107
Learn more about how having a security-oriented scheduling strategy for #k8s can limit opportunities for lateral movement within your environment in our latest blog post.
#doyensec #Kubernetes #security #appsec
blog.doyensec.com/2024/01/23…
8
13
1,937
