🦀 Memory Safe Languages in Android 13 To date, 0 memory safety vulns in Android’s Rust code Historical vulnerability density is >1/kLOC in C/C++ components → Rust has already prevented 100s of vulns By Jeff Vander Stoep security.googleblog.com/2022/12/memory…

✅ How to *actually* roll out YubiKeys/WebAuthN Industry advice is to "just do it" But it's actually really hard in practice 8 resources on lessons learned from companies who've done it 🧵

30 cybersecurity search engines for researchers: 1. Dehashed—View leaked credentials. 2. SecurityTrails—Extensive DNS data. 3. DorkSearch—Really fast Google dorking. 4. ExploitDB—Archive of various exploits. 5. ZoomEye—Gather information about targets.

🗒️ @OWASP Kubernetes Top 10 Broken down into 3 categories in order of likelihood: 1️⃣ Misconfigurations 2️⃣ Lack of visibility 3️⃣ Vulnerability management Risks, mitigations, and lots of relevant tools By Sysdig sysdig.com/blog/top-owasp…

📖 Penetration Testing Findings Repository A collection of Active Directory, phishing, mobile technology, system, service, web application, and wireless technology weaknesses that may be discovered during a penetration test By Cybersecurity and Infrastructure Security Agency #cybersecurity github.com/cisagov/pen-te…

Aaron Guzman's insightful talk helps us discover OWASP's IoT Security Testing Guide for effective penetration tests and dive into robust methodologies and tools. #PlanetCyberSec #AppSecSoCal #AppSec #infosec #IoTSecurity A-a-ron Guzman

Introductions are happening for the State of {Absolute} AppSec panel at LASCON. Joining Ken Johnson and SeThLaW (l4wke) are evan j , James Wickett, and A-a-ron Guzman. Hop in to the discussion here: youtube.com/watch?v=g5JJ07…

Strengthen Enterprise Security Through Collaboration at Planet Cyber Sec AppSec SoCal! Join Omar Minawi, A-a-ron Guzman, Shelby Pace and Natalya Krecker for "How to Win Friends and Influence Trust: Reducing API AuthZ Risks Through Collaborative Defenses." Discover: - Power of

Come learn about OWASP ISTG from Luca and I 😎

Presented at OWASP® Foundation Global SF this week on the IoT security testing guide (ISTG) project released earlier this year 👏 it was awesome to connect with old friends and learn of their perspectives for the future. Amazing event! 🤩

We’re excited to announce that Aaron Guzman (A-a-ron Guzman) will be speaking at the Bug Bounty Village at DEF CON 33! Stay tuned for more details on their talk, you won’t want to miss it. #BugBounty #DEFCON #BBV #BugBountyVillage

Don't miss "To Pay or Not to Pay? The Battle Between Bug Bounty & Vulnerability Disclosure Programs" by Aaron Guzman (A-a-ron Guzman) on Friday, August 8 at 04:00 PM inside the Village. Read more at bugbountydefcon.com/agenda #BugBounty #DEFCON33

Excited to share the bounty & VDP evolution story with a sneak peek into the massive opportunities we're cooking up for our researcher community 🧑‍🍳 Real program data, real researcher, & business impacting outcomes🚀 we’re running a WiFi 7 program now🛜 #DEFCON #bugbountyvillage

Here’s the second half of our Friday lineup at @DEFCON – and it’s just as stacked. 🔥 Dane Sherrets, Shlomie Liberow, Michael Gianarakis, Jordan Macey, Parsia Hakimian, A-a-ron Guzman, nytr0gen, erbbysam ㋬, and BrunoZero. See you there. 👀 #BugBounty