Menu

Close
  • Home
  • XFIL
  • AppSec
  • Home
Subscribe
Stratum Security Blog Menu

Stratum Security Blog

AppSec, Research, Sarcasm

Scroll Down
Page 1 of 3 Older Posts →

Early Lessons from the Capital One Data Breach

As more details about the Capital One breach are released in court filings and media reporting, we can start to look at where controls failed to »

Jared Perry 31 July 2019

Route 53 as Pentest Infrastructure

Use of DNS infrastructure is a staple of blind application testing and data exfiltration. Both of these scenarios are applicable in most pentest engagements, but building »

Jared Perry on exfiltration, aws, appsec, pentest 17 October 2018

PoC for CVE-2017-16744 and CVE-2017-16748

Proof of Concept (PoC) Date: 09/04/2018 Exploit Author: Jonathan Gaines Vendor Homepage: https://www.tridium.com/ Version: Affects Tridium Niagara AX Versions: 3.8 »

Jon Gaines 06 September 2018

What we learned about cloud security running a SaaS in AWS for 5 years - Part 7 - Availability

This is Part 7 of a multi-part series of posts on how we securely ran ThreatSim in AWS for 5 years and did right by our »

Aliou Sylla on aws security, aws, awssummit 19 October 2017

What we learned about cloud security running a SaaS in AWS for 5 years - Part 6 - Access Security

This is Part 6 of a multi-part series of posts on how we securely ran ThreatSim in AWS for 5 years and did right by our »

Aliou Sylla on cloud security, aws security, aws summit 10 August 2017
Page 1 of 3 Older Posts →
Stratum Security Blog © 2020
Proudly published with Ghost
Stratum