Security

Security

  • 5 posts

Unpacking the Apache ActiveMQ Exploit (CVE-2023-46604)

Pre-reading Requirements In this post, I assume you have a basic background in software and cybersecurity engineering. However, even if you're not highly technical, don't worry, I will ensure that you can grasp and understand the intricacies of the vulnerability and the exploit, as well as

Privacy Concerns and Potential Attacks in LLMs

Large Language Models (LLMs), exemplified by OpenAI’s GPT-4 and Meta’s LLaMA, continue to impress us with their capabilities, which have surpassed expectations from just a few years ago. Recently, the research community has shifted its focus towards the optimal and efficient usage of resources. Concepts like the Mixture

Feedback-based Application Security Testing (FAST)

DAST and black-box approaches are methods used to test the security of an application by analyzing its behavior in response to inputs without having knowledge of the application’s internal structure or the code being executed. These approaches rely on generating inputs through methods such as brute force and randomness,

Runtime Application Self Protection (RASP)

Traditional security measures, including firewalls, intrusion detection systems and AVs aim to prevent malicious activities by identifying and blocking known threats before they can cause harm. These security measures frequently employ signature-based detection methods, complemented by heuristic, machine learning and behavior analysis techniques. RASP (in short for Runtime Application Self

Application Security Testing: DAST, SAST and IAST.

Tests are a crucial part of the software development life cycle (SDLC) and are used to ensure that the software is functioning as intended. There are various types of tests that can be performed, including functional and non-functional tests. Functional testing is used to verify that the software meets its