Menu

Close
  • Home
  • XFIL
  • AppSec
  • Home
Subscribe
Stratum Security Blog Menu

Stratum Security Blog

AppSec, Research, Sarcasm

Scroll Down
Page 1 of 4 Older Posts →

What we learned about cloud security running a SaaS in AWS for 5 years - Part 6 - Access Security

This is Part 6 of a multi-part series of posts on how we securely ran ThreatSim in AWS for 5 years and did right by our »

Aliou Sylla on cloud security, aws security, aws summit 10 August 2017

Dump - a Burp plugin to dump HTTP(S) requests/responses to a file system

PortSwigger’s BurpSuite is the de facto tool for web, API, and mobile application assessments. Over the course of many engagements, the utility of being able »

Richard Springs 01 August 2017

What we learned about cloud security running a SaaS in AWS for 5 years - Part 5 - EC2 Instance Security

This is Part 5 of a multi-part series of posts on how we securely ran ThreatSim in AWS for 5 years and never lost a customer »

Trevor Hawthorn Trevor Hawthorn on cloud security, awssummit 24 July 2017

How to Prevent RNC, Verizon, and Dow Jones AWS S3 Data Leaks

By now, you’ve probably heard of the 2.1 million customers data leaked at the highly esteemed WSJ parent company Dow Jones. In fact, in »

Aliou Sylla 21 July 2017

SameSite - Defense in Depth for HTTP Cookies

Not a lot has changed in recent years with the security of HTTP cookies. As web application security testers, we have been performing a pretty standard »

Dennis Bailey 07 July 2017
Page 1 of 4 Older Posts →
Stratum Security Blog © 2017
Proudly published with Ghost
Stratum