- Videos 16
- Views 9 469
Aikido Security
Added 1 Oct 2022
Simplifying software security for developers
Aikido Security - no-nonsense security platform for developers
Aikido Security is your no-nonsense security platform. One central system that shows you what matters and how to fix it, from code to CI to cloud. Combine the power of 9 different scanners like SCA, SAST, DAST, Secrets Detection and more into one smart security feed.
Try Aikido today - aikido.dev
Views: 14
Videos
Using AI to discover undisclosed vulnerabilities in open-source - Aikido Intel
Views 332, 14 hours ago
We conducted a research project to use AI LLMs to discover how many vulnerabilities in open-source projects are patched, but never disclosed. To do this we trained LLMs to read changelogs in projects and discover when security fixes were applied but no CVE was created yet. We discovered that 67% of all projects never were publicly disclosed, including some pretty scary examples. Check out Aikido...
SQL injection in 2024, the vulnerability that won't go away
Views 961, 21 days ago
SQL injection (SQLi) is a vulnerability as old as the internet itself, yet it remains one of the most exploited security flaws today. Despite decades of breaches, best practices, and tools, organizations still struggle to prevent SQLi attacks. In this video, we explore why SQL injection is still a critical issue in 2024, dive into the latest statistics on SQLi vulnerabilities in open-source and...
Insecure Design Explained: Business Logic Flaws, STRIDE Threat Modeling & more - OWASP top 10
Views 310, a month ago
In this video, we break down Insecure Design, a critical issue from the OWASP Top 10, that leads to serious vulnerabilities in applications. Dive into real-world examples of insecure design flaws, such as business logic vulnerabilities, revealing sensitive data in error messages, and failure to log critical actions. We also cover essential prevention strategies using frameworks like STRIDE for ...
Injection Attacks 101: SQL Injection, Code Injection, and XSS
Views 954, 2 months ago
This video dives into the world of injection attacks, including SQL injection, code injection, and cross-site scripting (XSS). It explains how these vulnerabilities work, demonstrates practical examples of exploiting them, and discusses the impact of real-world breaches. The video also covers essential prevention techniques, such as input validation and the use of security tools, to protect web...
Understanding OWASPs Cryptographic Failures, Lessons from breaches and prevention methods
Views 209, 2 months ago
In this video, we dive deep into cryptographic failures, the second most critical vulnerability in the OWASP Top 10. Cryptographic vulnerabilities can expose sensitive data, lead to breaches, and compromise entire systems. We explore what cryptographic failures are, the common causes behind them, and how to avoid them. Using the Freecycle breach as a real-world case study, we examine the devast...
Disney's drops Slack after Hack..... What we can learn from it
Views 121, 3 months ago
Disney announced it will be leaving Slack as an internal messaging system after suffering a breach where sensitive information was leaked. In this video we look at what exactly happened, what it means for the security of Slack and if this is the end of Disney's security troubles (for now).
Broken Access Control Explained: The #1 OWASP Vulnerability You Need to Fix
Views 568, 3 months ago