Mayhem Blog
Expert insights and tips on application security, API security, and other DevSecOps topics.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Certificate Transparency Does More Harm Than Good - Here's Why
With Google’s recent decision to change the lock icon, I’ve been spending a lot of time thinking about TLS/SSL - and certificate transparency in general. In this blog post, I’ll explore both how Certificate Transparency is helpful and the downsides, including the way it shares users' information and the rise of beg bounties.
The Hacker Mind Podcast: Tales From A Ransomware Negotiator
Say you’re an organization that’s been hit with ransomware. At what point do you need to bring in a ransomware negotiator? Should you pay, should you not? Mark Lance, the VP of DFIR and threat intelligence for GuidePoint Security, provides The Hacker Mind with stories of ransomware cases he’s handled.
SCA, SBOM, Vulnerability Management, SAST, or DAST Tools: Which Is Best for Your Team?
There are a lot of options for software security testing tools. How do you know which ones are right for you? In this blog post, I'm going to cover a simple two-step process that will allow you to pick the best software security tool for your organization.