Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Detectify

Core Values at Detectify: Turning problems into opportunities

At Detectify , we like to approach problems as opportunities for improvement. In the last couple of months, we’ve faced two challenges where we have taken the opportunity to rethink how we work. We’d like to share them with you to give you insight into how we work together and, hopefully, inspire some of you to try a new approach when solving your own challenges in the future! Both of these examples are related to our payment process.

Detectify Teams up with Hackers for Change

STOCKHOLM — Aug. 18, 2021 — Detectify , the SaaS security company powered by ethical hackers, today announced its partnership with Hackers for Change. The collaboration will equip non-profit organizations with the tools required to strengthen security and decrease the likelihood of cyber-attacks, supporting the mission of Hackers for Change to provide charities and nonprofits with industry-quality cybersecurity services at no cost.

Detectify expands coverage for public APIs (in development)

Our security researchers happen to be talented bug bounty hunters as well as the brains behind of Detectify's efforts to develop a leading-edge API security scanner. Why is developing a reliable API security tool so challenging? It's because every API is different, which means it’s challenging to have a standardized approach to security testing on APIs. Almroth states that the team will focus on developing an API security scanner that focuses on server-side vulnerabilities. Both share that this is going to use fuzzing techniques.

Product Update: Detectify fuzzing engine will cover public-facing APIs

Detectify is expanding its web app fuzzing engine to scan public-facing APIs for vulnerabilities. Earlier in the year, we released a new fuzzing engine, and it was developed with API scanning in mind. In Fall 2021, we will roll out open beta testing. You can register for Detectify API fuzzer updates and beta testing program.

Detectify developing API security testing with fuzzing

Yes the rumors are true, the teams at Detectify are working hard at researching and developing security testing for APIs. Senior security researchers, Tom Hudson and Fredrik Nordberg Almroth answer questions about API security. Just like web apps, APIs can’t be secured with rule-based automated scanners - they need context! That’s why we are developing our fuzzing engine to cover public-facing APIs and test them like a hacker would.

Common web vulnerabilities every hacker and developer should know

Web applications and hosted software make up the largest attack surface for modern tech organizations. The most common web vulnerabilities being exploited go beyond the OWASP Top 10 list. At Detectify, we work in close collaboration with an invite-only community called Detectify Crowdsource to get the latest vulnerability research into the hands of security defenders. Besides knowing the vulnerabilities, you need the know how on how to mitigate them.

Top 5 high severity CVEs detected by Detectify since June 2020

We’re going to highlight the Top high severity CVEs found by Detectify. Thanks to the Crowdsource global community of handpicked ethical hackers, Detectify users get continuous access to the latest threat findings “from the streets” – even actively exploited vulnerabilities for which there aren’t yet any official vendor patches or updates.

The Buyer's Guide to Scalable Application Security

Detectify is helping tech organizations bring safer web products to market by providing crowdsourced, cloud-based, continuous web app security. Here’s a buyer’s guide on how you can get scaleable application security in 2021 and beyond. There are so many appsec tools out there with the same features. It’s hard to see value clearly amongst all the noise.