Introducing Tripod: an Open Source Machine Learning Tool

The Human Element and Security Awareness

Automating Secure Firewall Change Requests

DYK?

Connect with us

Using Machine Learning to Detect Command Line Anomalies

Click here to read this article.

Ongoing Research

MAVLink: Helping to Improve Our Cloud Services Hygiene

Click here to read this article.

Security Automation

Help Avoid DNS Takeovers

Click here to read this article.

Ongoing Research

Better Security Hygiene for Containers

Click here to read this article.

Security Automation

Wrangling Those Pesky 3rd-party Software Vulnerabilities

Like many large software companies, Adobe makes use of both open source and commercial off-the-shelf software components to deliver solutions to its customers.

Security Automation

Adobe & Splunk CTF Competition

A hallmark of an engaged team is continuous learning and improvement. And this is no different for a SOC (Security Operations Center) team.

How Adobe Helps Protect You from Email Phishing

Email has always been a tool of choice cybercriminals.  By capitalizing on an established company’s brand reputation, they can send emails with malicious intent (links, attachments, phishing, etc.) and trick people

The Impact of Public Policy on Cybersecurity

Public policy has been joined at the hip with cybersecurity in some shape, form or fashion for a while now. Whether it’s been efforts to increase information sharing between businesses and government agencies,

Introducing HubbleStack

Hello! My name is Colton Myers and I am the co-creator and architect of HubbleStack, an open-source security compliance project written in Python.

ReproNow: Triage Assistant

Bug bounty programs (i.e.crowdsourced security) can bring a lot of benefits. Organizations are able to leverage talent from all over the world while bug hunters can get compensated for submitting bugs and

Leveraging Security Headers for Better Web App Security

Modern browsers support quite a few HTTP headers that provide an additional layer in any defense-in-depth strategy. If present in an HTTP response, these headers enable compatible browsers to enforce certain security properties.

OWASP, IR, ML, and Internal Bug Bounties

A few weeks ago, I traveled to the OWASP Summit located just outside of London. The OWASP Summit is not a conference. It is a remote offsite event for OWASP leaders and the community to brain storm on how to improve OWASP. 

Lessons Learned from Improving Transport Layer Security (TLS) at Adobe

Transport Layer Security (TLS) is the foundation of security on the internet. As our team evolved from primarily consultative role to solve problems for the entire company, we chose TLS as one of the areas to improve.

Getting Secrets Out of Source Code

Secrets are valuable information targeted by attackers to get access to your system and data. Secrets can be encryption keys, passwords, private keys, AWS secrets, Oauth tokens, JWT tokens, Slack tokens, API secrets, and so on.