Ten years ago, you could kind of get away with not paying much attention to security. This worked if you were not in certain sectors or didn’t have a certain profile, and if you were lucky. Until a few years ago.
Read our earlier article to understand how for everyone, the impact and likelihood of potential security...Read more...

In the dynamic world of cybersecurity, new challenges and opportunities continually arise. Threats are becoming more sophisticated, regulations are tightening, and the pressure on IT professionals is increasing. Within this context, pentesting, Red & purple teaming, and the Digital Operational Resilience Act (DORA)...Read more...

The Digital Operations Resilience Act (DORA), which comes into effect on January 17, 2025, aims to enhance the resilience of the financial world against potential cyber attacks. This is structured around five pillars, with ‘Digital Operational Resilience Testing’ posing significant challenges for many businesses. Kees...Read more...

gRPC is getting increasingly popular and as a result, it is encountered more often during security assessments. In this blog post, I explain the different approaches to security test gRPC services depending on the type of assessment. At the end, I will show how to extend the blackboxprotobuf Burp extension to support...Read more...

Web applications often keep state corresponding to the current user. The user gets a cookie with an opaque token, the session token. The browser includes this cookie in each request. The web application uses this token to retrieve the corresponding data from the database, which can be used by the web application.
In...Read more...