Updated CheckNessusAuth — a tool that helps you verify whether Nessus authenticated scans are likely to succeed or not before you start scanning.
GitHub: github.com/dietersar/Ch...
Website: secudea.be/tools/nessus...
#Nessus #CyberSecurity #VulnerabilityManagement #AuthenticatedScans
Posts by Dieter Sarrazyn
Released Django Audit Reporter to make Django dependency reviews easier.
It audits one or more Django projects and generates a consolidated report with optional email delivery.
Read further on secudea.be/tools/django...
Get it from: github.com/dietersar/dj...
#Django #Python #AppSec
What does it take to become an OT security specialist today?
secudea.be/news/becomin...
#OTSecurity #ICSsecurity #IEC62443 #NIS2
Why vendors should validate themselves before the customer does - Many vendors already apply good cybersecurity practices, but often in an ad hoc manner. By using vendor validation services internally ...
Read more on secudea.be/news/why-ven...
New SANS/GIAC study finds cybersecurity skills gap, not talent shortage, at core of workforce crisis
Smash the Stack with Swiss precision 🇨🇭💻
Join Corelan’s Stack Exploit Dev course in Zürich, Oct 7-10, 2025. 🚀
www.eventcreate.com/e/sigs-corel...
💛 Pls share 💛
What our students say on the #Corelan Stack course:
🗣️ “Peter will refute about every single thing you might have learned so far related to the topic in other courses… and then teach you it the right way from the ground up.”
See for yourself: 👉🏼 bit.ly/corelan-trai...
Have a look at my newest post to learn more whether IEC62443, NIS2 and security testing are or can be a happy marriage.
secudea.be/2025/02/15/i...
yep, true fact...
we used to have snow every year (some decades ago), now we (some of us) are happy when it finally snows, to realize it's gone after a few hours...
The other half doesn't know how to drive a vehicle anymore at that time...
I would not match them, but more like extending the test cases with what is found in the requirements.
But tbh, a good fat/sat approach should already cover all your own security requirements.
True, security requirements should idd be set during design phase and verified. First on paper allowing you to catch low hanging fruit and tailor any testing protocol, second by performing technical tests.
Some thoughts on the practical side of FAT/SAT security testing within #industrial environments - secudea.be/2024/12/30/p...
#ICS #OT #FATSAT
(long overdue) wrap-up of the #ISCCPH conference in Copenhagen last November - secudea.be/2024/12/30/i...
#ICS #OT #industrial
*sigh* this has been a good security practice for several decades already (when I was still installing firewalls), so I find it a bit strange that this suddenly becomes a hot topic... are people forgetting the good stuff, what works, the basics?? Is everybody falling for buzz words instead?
Welcome to BlueSky, Andy. @defend-the-future.bsky.social
Miss you buddy, call me sometime.
He's #100 on my ICS/OT Starter Pack
go.bsky.app/SQygf7K
Who else do I need to add?
well... I sure hope other tools would also be possible to be used within segmented networks without needing direct access to the internet to fetch updates...
What are other OT/ICS security folk thinking about WSUS being deprecated?
I'd expected to see more reaction and alternatives being promoted.
#infosec #ics #ot
www.bleepingcomputer.com/news/microso...
nice :-) let me know when this plan is formalizing :-)
Or to BruCon
I created the ICS/OT Security starter pack. Please give it a follow and let me know if I'm missing anyone.
go.bsky.app/SQygf7K
hi Stephen, missing you in CPH ;-)