Aggregator

企业安全建设 - 软件供应链

岚光
4 years ago
背景软件供应链(Software Supply Chain)指的是软件从软件供应商到用户使用的整个过程中,从设计软件、编写代码到生成软件的开发环节,再到分发软件和用户下载的交付环节,最终到用户使...
0x0d

企业安全建设 - 安全中台

岚光
4 years ago
(本文比较偏产品,不涉及技术细节)上一篇文章说到,企业安全建设后期都会有各种各样的平台,比如 WAF、HIDS、SOC、SIEM、SOAR、SDL 等,在大部分互联网公司里,这些平台都是独立的,...
0x0d

企业安全建设

岚光
4 years ago
开个新坑,写一些企业安全建设的经验和想法。网络上安全相关的文章,最多的是攻防类的,涉及企业安全建设的基本都是《一个人的安全部》系列,里面往往列举一堆安全工具和服务。对于处于安全建设初期的企业来说...
0x0d

Drupal Core Update Addresses Critical Vulnerability

X-Force Exchange - Collection Feed
4 years ago
Summary A Security Advisory for Drupal, SA-CORE-2021-002, addresses a vulnerability rated by Drupal as Critical. Threat Type Vulnerability Overview The Drupal security advisory, SA-CORE-2021-002, addresses a vulnerability that could allow an unauthenticated, remote attacker to conduct a cross-site scripting attack. The vulnerability is caused by a failure to properly sanitize input. The vulnerability has been rated as Critical by Drupal. No CVE number has been provided for the vulnerability. The vulnerabili

ICS-CERT Advisories April 22 2021

X-Force Exchange - Collection Feed
4 years ago
Summary The ICS-CERT has published two advisories that affect Horner Automation Cscape and Mitsubishi Electric GOT. Threat Type Vulnerability Overview The ICS-CERT has published two advisories that affect Horner Automation Cscape and Mitsubishi Electric GOT. Further information is available from the advisories which are summarized below. ICS Advisory ICSA-21-112-01 - Horner Automation Cscape CVE-2021-22678 - The affected application lacks proper validation of user-supplied data when parsing project files. T

水一下,嫖了西湖论剑的一个展位,讲解什么的,Mr6是主力,我打打杂。本来想做一批贴纸的,月亮师傅加班加点都设计出来了,可惜时间太紧了,没印,所以提前发出来让大伙瞅瞅。以后有机会再着手印一批周边。

学蚁致用
4 years ago
水一下,嫖了西湖论剑的一个展位,讲解什么的,Mr6是主力,我打打杂。本来想做一批贴纸的,月亮师傅加班加点都设计出来了,可惜时间太紧了,没印,所以提前发出来让大伙瞅瞅。以后有机会再着手印一批周边。

Managed ad