The Blog

VSEs/SMEs and freelancers are often faced with a lack of resources and skills to secure their IT system. However, the stakes are high in the event of a computer attack: sometimes long and expensive repairs, loss of turnover, loss of reputation.
This guide aims to provide Small Businesses (SMBs) with practical and affordable advice to secure their business. It is based, among other things, on the work of the National Cyber Security Center (NCSC) and the recommendations of the National Agency for Information Systems Security (ANSSI).

The SSH remote access service allows remote administration of servers, PCs or network equipment. It is available on both Linux and MAC OS as well as Windows. It allows easy and remote access to equipment, with the privileges of the chosen user.

We will then speak of an SSH server, on which the user, the SSH client, connects.

Often exposed on the Internet, it is necessary to follow some SSH security best practices in order to reduce the risks.

During a mission, a DSecBypass pentester was confronted with the Java Apereo CAS software. It was possible to bypass software-managed SSO authentication by exploiting a Spring Boot Actuator configuration flaw.

Although HTTPS is easy to set up, default or aging configurations are often vulnerable and do not guarantee the best level of security for the user. In addition, a bad configuration also leads to a reduction in the ratings assigned by cybersecurity products on which cyber insurance can be based.

Pentest stories This series of articles makes you follow Jean, an imaginary pentester, in his missions of intrusion tests. Clients and exploit stories are just as imaginary, but correspond to reality and are based on the experiences of DSecBypass experts. It aims to...

Pentest stories This series of articles makes you follow Jean, an imaginary pentester, in his missions of intrusion tests. Clients and exploit stories are just as imaginary, but correspond to reality and are based on the experiences of DSecBypass experts. It aims to...

Pentest stories This series of articles makes you follow Jean, an imaginary pentester, in his missions of intrusion tests. Clients and exploit stories are just as imaginary, but correspond to reality and are based on the experiences of DSecBypass experts. It aims to...